Home
Privacy statement

Privacy statement

Privacy policy

With this data protection notice we inform you about our handling of your personal data and about your rights according to the European Data Protection Regulation (DSGVO) and the German Federal Data Protection Act (BDSG). The responsible party for data processing is Management-Institut Dr. A. Kitzmann GmbH & Co. KG (hereinafter referred to as "we" or "us").

1. General information

1.1 Contact

If you have any questions or suggestions regarding this information, or if you wish to contact us about asserting your rights, please send your request to

Management Institute Dr. A. Kitzmann GmbH & Co. KG

Dorpatweg 10

48159 Münster

Germany

Tel. +49 251 202050

E-mail: info@kitzmann.biz

1.2 Legal basis

The term "personal data" under data protection law refers to all information that relates to an identified or identifiable individual. We process personal data in compliance with the relevant data protection regulations, in particular the DSGVO and the BDSG. Data processing by us only takes place on the basis of a legal permission. We process personal data only with your consent (Section 25 (1) TTDSG or Art. 6 (1) a DSGVO), for the performance of a contract to which you are a party or at your request for the performance of pre-contractual measures (Art. 6 (1) b DSGVO), for the performance of a legal obligation (Art. 6 (1) lit.or if the processing is necessary to protect our legitimate interests or the legitimate interests of a third party, unless your interests or fundamental rights and freedoms requiring the protection of personal data override these (Art. 6 para. 1 lit. f DSGVO).If you apply for a vacant position in our company, we will also process your personal data for the purpose of deciding whether to establish an employment relationship (Section 26 (1) sentence 1 BDSG).

1.3 Duration of storage
Unless otherwise stated in the following notes, we store the data only for as long as is necessary to achieve the processing purpose or to fulfill our contractual or legal obligations. Such legal retention obligations may arise in particular from commercial or tax law regulations. From the end of the calendar year in which the data was collected, we will retain such personal data contained in our accounting records for ten years and retain personal data contained in commercial letters and contracts for six years. In addition, we will retain data in connection with consents requiring proof as well as with complaints and claims for the duration of the statutory limitation periods. We will delete data stored for advertising purposes if you object to processing for this purpose.

1.4 Categories of recipients of the data
We use order processors as part of the processing of your data. Processing operations carried out by such processors include, for example, hosting, sending e-mails, maintenance and support of IT systems, customer and order management, order processing, accounting and billing, marketing measures or file and data carrier destruction. A processor is a natural or legal person, authority, institution or other body that processes personal data on behalf of the data controller. Processors do not use the data for their own purposes, but carry out data processing exclusively for the data controller and are contractually obligated to ensure appropriate technical and organizational measures for data protection. In addition, we may transmit your personal data to bodies such as postal and delivery services, house bank, tax consultancy/auditing company or the financial administration. For the purpose of infection control, data may be transferred to the responsible public health department. Further recipients may result from the following information.

1.5 Data transfer to third countries
Our data processing operations may involve the transfer of certain personal data to third countries, i.e. countries where the GDPR is not applicable law. Such a transfer is permissible if the European Commission has determined that an adequate level of data protection is warranted in such third country. If such an adequacy decision by the European Commission does not exist, a transfer of personal data to a third country will only take place if appropriate safeguards are in place in accordance with Article 46 of the GDPR or if one of the conditions of Article 49 of the GDPR is met.
Unless otherwise stated below, we use the EU standard data protection clauses as suitable safeguards for the transfer of personal data in third countries. You have the possibility to obtain a copy of these EU standard data protection clauses or to inspect them. To do so, please contact us at the address given under Contact.
If you consent to the transfer of personal data to third countries, the transfer will take place on the legal basis of Article 49 (1) a DSGVO.

1.6 Processing when you exercise your rights
If you exercise your rights pursuant to Art. 15 to 22 DSGVO, we will process the transmitted personal data for the purpose of implementing these rights by us and to be able to provide evidence thereof. We will only process data stored for the purpose of providing information and preparing it for this purpose and for data protection control purposes and otherwise restrict processing in accordance with Art. 18 DSGVO.
These processing operations are based on the legal basis of Art. 6 para. 1 lit. c DSGVO in conjunction with. Art. 15 to 22 DSGVO and Section 34 (2) BDSG.


1.7 Your rights
As a data subject, you have the right to assert your data subject rights against us. In particular, you have the following rights:

  • In accordance with Art. 15 DSGVO and § 34 BDSG, you have the right to request information about whether and, if so, to what extent we are processing personal data relating to you or not.
  • You have the right to demand that we correct your data in accordance with Art. 16 DSGVO.
  • You have the right, in accordance with Art. 17 DSGVO and § 35 BDSG, to demand that we delete your personal data.
  • You have the right to have the processing of your personal data restricted in accordance with Art. 18 DSGVO.
  • You have the right, in accordance with Art. 20 DSGVO, to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format and to transfer this data to another controller.
  • If you have given us separate consent to data processing, you may revoke this consent at any time in accordance with Article 7 (3) DSGVO. Such a revocation will not affect the lawfulness of the processing that was carried out on the basis of the consent until the revocation.
  • If you believe that a processing of personal data concerning you violates the provisions of the GDPR, you have the right to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR.

1.8 Right of objection
In accordance with Art. 21 (1) DSGVO, you have the right to object to processing based on the legal basis of Art. 6 (1) (e) or (f) DSGVO on grounds relating to your particular situation. If personal data about you is processed by us for the purpose of direct marketing, you may object to such processing pursuant to Art. 21 (2) and (3) DSGVO.


1.9 Data protection officer
You can reach our data protection officer at the following contact details:
E-mail: datenschutz@kitzmann.biz


2. General data processing on our website
When using the website, we collect information that you provide yourself. In addition, during your visit to the website, we automatically collect certain information about your use of the website. In data protection law, the IP address is also generally considered to be a personal data. An IP address is assigned to every device connected to the Internet by the Internet provider so that it can send and receive data.

2.1 Processing of server log files
During the purely informative use of our website, general information that your browser transmits to our server is initially stored automatically (i.e. not via registration). This includes by default: browser type/version, operating system used, page accessed, the previously visited page (referrer URL), IP address, date and time of the server request and HTTP status code. The processing is carried out to protect our legitimate interests and is based on the legal basis of Art. 6 (1) f DSGVO. This processing serves the technical administration and security of the website. The stored data will be deleted after 14 days unless there is a justified suspicion of unlawful use based on concrete indications and further examination and processing of the information is necessary for this reason. We are not able to identify you as a data subject on the basis of the stored information. Articles 15 to 22 of the GDPR therefore do not apply pursuant to Article 11 (2) of the GDPR, unless you provide additional information that enables us to identify you in order to exercise your rights set out in these articles.

2.2 Registration for seminars
You can register for our seminars on our website. The required information can be seen from the registration input mask. All data fields marked as mandatory are required to register for the seminar. Failure to provide this information will result in us not being able to process your registration. The legal basis for your processing is Art. 6 para. 1 letter b DSGVO.
The provision of further data is voluntary. We process such voluntarily provided data on the basis of Art. 6 para. 1 letter f DSGVO.
We pass on the registration information to freelance seminar trainers for the purpose of conducting the seminar.

2.3 Contact options and requests
Our website contains contact forms through which you can send us messages. The transfer of your data is encrypted (recognizable by the "https" in the address line of the browser). All data fields marked as mandatory are required to process your request. Failure to provide this data will result in us not being able to process your request. The provision of further data is voluntary. Alternatively, you can send us a message via the contact e-mail.
We process the data for the purpose of answering your inquiry. If your request is directed towards the conclusion or performance of a contract with us, Art. 6 (1) b DSGVO is the legal basis for data processing. Otherwise, we process the data on the basis of our legitimate interest in contacting inquiring persons. The legal basis for data processing is then Art. 6 para. 1 lit. f DSGVO.

2.4 Newsletter
We offer on our website the possibility to register for our newsletter. After registration, we will inform you regularly about the latest news on our offers. A valid e-mail address is required to register for the newsletter. To verify the e-mail address, you will first receive a registration e-mail, which you must confirm via a link (double opt-in).
If you subscribe to the newsletter on our website, we process personal data such as your e-mail address and name based on the consent you have given. The processing is based on the legal basis of Art. 6 (1) a DSGVO. You can revoke the consent given at any time with effect for the future, for example via the "unsubscribe" link in the newsletter or by contacting us via the channels mentioned above. The legality of the data processing operations already carried out remains unaffected by the revocation.
When registering for the newsletter, we also store the IP address and the date and time of registration. The processing of this data is necessary in order to be able to prove that consent has been given.
The legal basis arises from our legal obligation to document your consent (Art. 6 para. 1 letter c in conjunction with Art. 7 para. 1 DSGVO).

We also analyze the reading behavior and opening rates of our newsletter. We evaluate the data generated during the delivery and retrieval of our emails in aggregated and anonymized form (delivery rate, open rate, click rates, unsubscribe rate, bounce rate, visits, completions) in order to measure the use and success of the emails.
The legal basis for the analysis of our newsletter is Art. 6 para. 1 lit. f DSGVO and the processing serves our legitimate interest in optimizing our newsletter. You can object to this at any time by contacting one of the contact channels mentioned above.

On the other hand, we also evaluate the data generated when you retrieve and use these e-mails (time of opening, hyperlinks clicked, documents downloaded) as well as transaction data on downstream websites on a personal basis in conjunction with your e-mail address in order to send you individualized information in the future on this basis as well, which takes your interests and needs into account in the best possible way. We use the anonymous and personal data collected to provide you with personalized content and individualized information in our promotional e-mails and downstream websites.
The legal basis for data processing in the context of e-mails is Art. 6 (1) a DSGVO. You can revoke your consent at any time with future effect, for example via the "unsubscribe" link in the newsletter or by contacting us via the channels mentioned above.
For the administration of the subscriptions, the dispatch of the newsletter and the analysis, we use the service Evalanche of SC-Networks GmbH (Germany, EU). Your e-mail address and name are therefore transmitted by us to the service provider. If you do not want your data to be processed by this service provider, you should not subscribe to or unsubscribe from the newsletter.
Further information on data processing by SC-Networks GmbH can be found at: https://www.sc-networks.de/datenschutz/.

2.5 Payment service provider
To pay for our service, you can choose between different options. For this purpose, we work with various payment providers.


Payment by credit card
We offer you the possibility to pay by credit card. Please note that the respective payment information is collected and processed by the respective payment service providers on their own responsibility.


Payment via PayPal
Furthermore, you have the possibility to pay via PayPal. Please note that the relevant payment information is collected and processed by PayPal (Europe) S.à r.l. et Cie, S.C.A. (Luxembourg, EU) on its own responsibility. PayPal transmits to us your address data stored at PayPal, which we process exclusively for the purpose of processing the contract.


The legal basis is Art. 6 para. 1 letter b DSGVO.
Further information on data protection at PayPal can be found at: https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE#r5.

2.6 Applications
You have the option of applying via our website in the Jobs section. For this purpose, we collect personal data from you, including in particular your name, CV, letter of application and other content provided by you. Your personal application data will only be processed for purposes related to your interest in current or future employment with us and the processing of your application. Your application will only be processed and noted by the relevant contacts at our company. All employees entrusted with data processing are obliged to maintain the confidentiality of your data. If we are unable to offer you employment, we will retain the data you have provided for up to six months after completion of the application process for the purpose of answering questions relating to your application and rejection. This does not apply if legal provisions prevent deletion, if further storage is necessary for the purpose of providing evidence, or if you have expressly consented to longer storage.
The legal basis for the collection of data is Section 26 (1) sentence 1 BDSG.
If we store your applicant data for longer than two months and you have expressly consented to this, we would like to point out that this consent can be freely revoked at any time in accordance with Article 7 (3) DSGVO. Such revocation will not affect the lawfulness of the processing that was carried out on the basis of the consent until the revocation.

2.7 Cookies
We use cookies and comparable technologies ("cookies") on our website. Cookies are small data sets that are stored by your browser when you visit a website. This identifies the browser used and can be recognized by web servers. You have full control over the use of cookies through your browser. You can delete the cookies in the security settings of your browser at any time. You can object to the use of cookies through your browser settings in principle or for specific cases.
The use of cookies is partly technically necessary for the operation of our website and thus permissible without the consent of the user. In addition, we may use cookies to offer special features and content and for analysis and marketing purposes. These may also include cookies from third-party providers (so-called third party cookies). We only use such technically unnecessary cookies with your consent in accordance with Section 25 (1) TTDSG and, if applicable, Article 6 (1) a DSGVO. You can find information about the purposes, providers, technologies used, stored data and the storage period of individual cookies in the cookie settings of our Consent Management Tool.

2.8 Consent Management Tool


This website uses the Consent Management Tool Cookiebot of Cybot A/S /(Denmark, EU) to control cookies and the processing of personal data. The Consent Banner allows users of our website to give their consent to certain data processing procedures or to revoke their consent. By confirming the "I accept" button or by saving individual cookie settings, you consent to the use of the associated cookies. The legal basis under data protection law is your consent within the meaning of Art. 6 (1) a DSGVO.
In addition, the banner supports us in being able to provide evidence of the declaration of consent. For this purpose, we process information about the declaration of consent and further log data about this declaration. Cookies are also used to collect this data.
The processing of this data is necessary in order to be able to prove that consent has been given. The legal basis arises from our legal obligation to document your consent (Art. 6 para. 1 letter c in conjunction with Art. 7 para. 1 DSGVO).
Here you can revoke your consent for cookies
2.9 Tracking & Retargeting


a) Google Ads
We use the online advertising program Google Ads of Google Ireland Limited (Ireland, EU) on our website, through which we place advertisements on the Google search engine. If you access our website via a Google ad, Google sets a cookie on your terminal device ("conversion cookie"). In the process, a different conversion cookie is assigned to each Google Ads customer, so that the cookies are not tracked across the websites of different Ads customers. The information obtained with the help of the cookie is used to create conversion statistics. Thus, we learn the total number of user:s who clicked on one of our Google ads. However, we do not receive any information By which users can be personally identified.
The processing of your data is based on your consent in accordance with Art. 6 (1) a DSGVO.
Cookies are set with your consent, which you can revoke at any time with future effect via Consent Management Tool. For more information on data protection at Google, please refer to Google's privacy policy at https://policies.google.com/privacy#infocollect.


b) Google Optimize
We use the Google Optimize service on our website, which is offered by Google Ireland Limited (Ireland, EU - "Google Optimize"). Using Google Optimize, we can test various designs and settings of our website and, based on the results, adapt our website to the needs and wishes of website visitors. For the analysis of the test results, the Google Optimize service is linked to the Google Analytics analysis service. In the process, your IP address is transmitted to Google Ireland Limited.
We process your personal data only with your consent.
The legal basis for the processing of personal data described here as part of the measurement process is Article 6 (1) a DSGVO.
Cookies are set and read on your terminal device for the functionality of the service. Such storage of information or access to information already stored in your terminal device will only take place with your consent. The legal basis for data processing is therefore Section 25 (1) TTDSG.
You can find further information on these processing activities, the technologies used, stored data and the storage period in the settings of our Consent Management Tool.
For more information on data processing, please visit: https://policies.google.com/privacy


c) Google Analytics
We use the Google Analytics service of the provider Google Ireland Limited (Ireland, EU) on our website.
By Google Analytics is a web analysis service, with the help of which we can collect and analyze data about the behavior of visitors to our website. Google Analytics uses cookies for this purpose, which enable an analysis of the use of our website. Personal data in the form of online identifiers (including cookie identifiers), IP addresses, device identifiers and information about interaction with our website are processed.
In part, this data is information stored in the terminal device you are using. In addition, further information is also stored on your used end device via the cookies used. Such storage of information by Google Analytics or access to information that is already stored in your end device will only take place with your consent.
Google Ireland will process the data collected in this way on our behalf in order to evaluate the use of our website by the user:inside, to compile reports on the activities within our website and to provide us with further services associated with the use of our website and Internet use. In doing so, pseudonymous usage profiles of the users can be created from the processed data.
The setting of cookies and the further processing of personal data described here takes place with your consent. The legal basis for data processing in connection with the Google Analytics service is therefore Art. 6 (1) a DSGVO. You can revoke this consent via our Consent Management Tool at any time with effect for the future.
We use the Google Analytics 4 variant, which allows us to track interaction data from different devices and from different sessions. This allows us to put individual user actions in context and analyze long-term relationships.
Data about user actions is stored for a period of 14 months and then automatically deleted. All other event data is stored for 2 months and then automatically deleted. In this regard, the deletion of data whose storage period has expired takes place automatically once a month.
We also use the Google Analytics advertising functions (remarketing). This function enables us, in conjunction with the cross-device functions of Google, to display advertisements in a more targeted manner and to present users with ads that are tailored to their interests. Via remarketing, users are shown ads and products for which interest has been identified on other websites in the Google network. The function allows us to link advertising target groups created via Google Analytics Remarketing with the cross-device functions of Google Ads. In this way, interest-based, personalized advertising messages that have been adapted to a user depending on previous usage and surfing behavior on one end device (e.g. cell phone) can also be displayed on another end device of the user (e.g. tablet or PC).
If you have given your consent, Google will link your web and app browsing history with your Google account for this purpose. In this way, the same personalized advertising messages can be served on every end device on which you log in with your Google account. The aggregation of the collected data in your Google account is based solely on your consent, which you can give or revoke at Google. For these linked services, data is then collected via Google Analytics for advertising purposes. To support the remarketing function, Google Analytics collects users' google-authenticated IDs, which are temporarily linked to our Google Analytics data. This is used to define and create target groups for cross-device ad advertising.
The personal data processed to provide Google Analytics on our behalf may be transferred to any country in which Google Ireland or Google Ireland's sub-processors maintain facilities. Please refer to the notes in the section "Data transfer to third countries".


We only use Google Analytics with IP anonymization activated. This means that the IP address of the user is shortened by Google Ireland within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The IP address transmitted by the user's browser is not merged with other data. Further information on the use of data for advertising purposes can be found in Google's data protection declaration at: www.google.com/policies/technologies/ads/.

d) Facebook Pixel
We use the Facebook Pixel on our website, a meta business tool provided by Meta Platforms Ireland Limited (Ireland, EU). For information on the contact details of Meta Platforms Ireland Ltd. and the contact details of Meta Platforms Ireland Ltd.'s data protection officer, please refer to Meta Platforms Ireland Ltd.'s data policy at https://www.facebook.com/about/privacy.
The Facebook pixel is a JavaScript code snippet that allows us to track the activity of visitors to our website. This tracking is called conversion tracking. The Facebook pixel collects and processes the following information (so-called event data) for this purpose:
- Information about actions and activities of the visitor:s of our website, such as searching and viewing a product or purchasing a product;
- Specific pixel information such as the pixel ID and the Facebook cookie;
- Information about buttons clicked by visitors to the website;
- Information present in HTTP headers, such as IP addresses, web browser information, page location, and referrer;
- Information about the status of disabling/restricting ad tracking.


In part, this event data is information stored in the device you are using. In addition, cookies are also used via the Facebook pixel, through which information is stored on your end device used. Such storage of information by the Facebook pixel or access to information already stored in your end device will only occur with your consent.
Tracked conversions appear in the dashboard of our Facebook Ads Manager and Facebook Analytics. We may use the tracked conversions there to measure the effectiveness of our ads, set Custom Audiences for ad targeting, Dynamic Ads campaigns, and analyze the effectiveness of our website's conversion funnels. The features we use through the Facebook Pixel are described in more detail below.


Processing of event data for advertising purposes
Event data collected via the Facebook Pixel is used for targeting our ads and improving ad delivery, personalizing features and content, and improving and securing meta-products.
For this purpose, event data is collected on our website by means of the Facebook pixel and transmitted to Meta Platforms Ireland Ltd. This only takes place if you have previously given your consent to this. The legal basis for the collection and transmission of personal data by us to Meta Platforms Ireland Ltd. is therefore Art. 6 (1) a DSGVO.


This collection and transmission of event data is carried out by us and Meta Platforms Ireland Ltd. as joint controllers. By we have entered into a joint controller processing agreement with Meta Platforms Ireland Ltd. which sets out the allocation of data protection obligations between us and Meta Platforms Ireland Ltd. In this agreement, we and Meta Platforms Ireland Ltd. have agreed, among other things,
- that we are responsible for providing you with all information pursuant to Art. 13, 14 DSGVO regarding the joint processing of personal data;
- that Meta Platforms Ireland Ltd is responsible for enabling the rights of data subjects under Art. 15 to 20 of the GDPR with respect to personal data stored by Meta Platforms Ireland Ltd after joint processing.
You can access the agreement concluded between us and Meta Platforms Ireland Ltd. at https://www.facebook.com/legal/controller_addendum.


Meta Platforms Ireland Ltd. is the sole responsible party for the subsequent processing of the submitted Event Data. For more information about how Meta Platforms Ireland Ltd. processes personal data, including the legal basis on which Meta Platforms Ireland Ltd. relies and how you can exercise your rights against Meta Platforms Ireland Ltd. see Meta Platforms Ireland Ltd.'s Data Policy at https://www.facebook.com/about/privacy.


Processing of Event Data for Measurement Solutions and Analytics Services.
We have also engaged Meta Platforms Ireland Ltd. to prepare reports on the impact of our advertising campaigns and other online content based on the Event Data collected through the Facebook Pixel (Campaign Reports) and to provide analytics and insights about User:s and their use of our website, products and services (Analytics). We transfer personal data contained in the Event Data to Meta Platforms Ireland Ltd. The transferred personal data is processed by Meta Platforms Ireland Ltd. as our processor to provide us with the campaign reports and analytics.
Personal data will only be processed to provide analytics and campaign reports if you have given your prior consent to do so. The legal basis for this processing of personal data is therefore Art. 6 (1) a DSGVO.
The data processed on our behalf is transmitted by Meta Platforms Ireland Ltd. to Meta Platforms, Inc. in the USA. Meta Platforms Ireland Ltd. transfers the data to Meta Platforms, Inc. on the basis of processor-to-processor standard contractual clauses, but reserves the right to use an alternative transfer method recognized by the GDPR and other applicable data protection laws in the European Economic Area, the United Kingdom and Switzerland.


e) Microsoft Advertising


We use the Microsoft Advertising (formerly Bing Ads) service of the provider Microsoft Ireland Operations Limited (Ireland, EU) on our website. Microsoft Advertising is an online marketing service that uses the Universal Event Tracking (UET) tool to help us display targeted advertisements via the search engines Microsoft Bing, Yahoo, Aol, other search partners (e.g. Ecosia, DuckDuckGo) and the Microsoft Audience Network. Microsoft Advertising uses cookies for this purpose. This involves processing personal data in the form of online identifiers (including cookie identifiers), IP addresses, device identifiers, and information about device and browser settings.
Microsoft Advertising collects data via UET, which allows us to track target groups thanks to remarketing lists. For this purpose, a cookie is stored on the end device used when visiting our website. Microsoft Advertising can thus recognize that our website has been visited and play an advertisement when the above-mentioned services are used at a later time.
The information is also used to create conversion statistics, i.e. to record how many users have reached our website after clicking on an advertisement. We learn the total number of users who clicked on our ad and were redirected to our website. However, we do not receive any information By which users can be personally identified.
The processing of your data is based on your consent in accordance with Art. 6 (1) a DSGVO.


Cookies are set with your consent, which you can revoke at any time with future effect via our Consent Management Tool. For more information on data protection at Microsoft, please refer to Microsoft's privacy notices at https://privacy.microsoft.com/de-de/privacystatement.


f) LinkedIn Insight tag
We use the LinkedIn Insight tag on our website, a marketing product of LinkedIn Ireland Unlimited Company (Ireland, EU - "LinkedIn"). For information on LinkedIn Ireland's contact details and the contact details of LinkedIn Ireland's data protection officer, please refer to LinkedIn's data policy at https://www.linkedin.com/legal/privacy-policy.
The LinkedIn Insight tag is a JavaScript code snippet that is triggered by LinkedIn when you visit our website and stores a cookie on the device you are using. Such storage of information by the LinkedIn Insight tag or access to information already stored in your terminal device and also further processing of personal data in connection with the LinkedIn Insight tag will only take place with your consent.
The legal basis for the collection and transmission of personal data by us to LinkedIn Ireland is therefore Art. 6 (1) a DSGVO.
Via the LinkedIn Insight tag, we can perform various functions, which we describe in detail below.


LinkedIn conversion tracking is an analytics function supported by the LinkedIn Insight tag. The LinkedIn Insight tag allows us to collect data about visits to our website, including URL, referrer URL, IP address, device and browser properties (user agent), and timestamp. IP addresses are truncated or (if used to reach members across devices) hashed. LinkedIn does not provide us with personally identifiable information, but only provides reports (in which you are not identified) on site audience and ad performance. This allows us to track the effectiveness of LinkedIn ads for statistical and market research purposes.
Members' direct identifiers are removed by LinkedIn within seven days to pseudonymize the data. LinkedIn then deletes this remaining pseudonymized data within 180 days.
This processing is done for the purpose of obtaining information about our website audience and a report on the effectiveness of LinkedIn campaigns.
We have entered into a joint controller agreement with LinkedIn, which sets out the distribution of data protection obligations between us and LinkedIn. You can view this here: https://legal.linkedin.com/pages-joint-controller-addendum


You can access more information about data processing by LinkedIn here: https://www.linkedin.com/help/lms/answer/a427660/linkedin-insight-tag-haufig-gestellte-fragen and https://de.linkedin.com/legal/privacy-policy.


Please note that according to LinkedIn's privacy policy, personal data may also be processed by LinkedIn in the U.S. or other third countries. LinkedIn transfers personal data only to countries for which an adequacy decision has been issued by the European Commission pursuant to Article 45 of the GDPR or on the basis of appropriate safeguards pursuant to Article 46 of the GDPR.

2.10. Social Plugin - LinkedIn

We use the plugin of the social network Linkedin of LinkedIn Ireland Unlimited Company, (Ireland, EU). These plugins allow you to share the content of our website on the social network of LinkedIn. For this purpose, when you call up our website, its program code is transmitted directly from the servers of the respective provider. If you are logged into your user account on LinkedIn when visiting our website or interact with the plugin, further data may be transmitted.
The processing of personal data only takes place By your consent and is therefore based on Art. 6 para. 1 letter a DSGVO.
Furthermore, cookies may be set on your end device when using the plugins. This also only takes place with your consent. Section 25 (1) TTDSG serves as the legal basis.
You can obtain further information about the processing of personal data by LinkedIn at https://de.linkedin.com/legal/privacy-policy.


2.11. External media and services of third parties


a) Google Tag Manager


We use the Google Tag Manager of the provider Google Ireland Limited (Ireland, EU) on our website. The Google Tag Manager is used to manage our website tags via an interface. The Google Tag Manager is a cookie-less domain to which the IP address is transmitted for technical reasons. The Google Tag Manager merely ensures that other tags are triggered, which in turn may collect data without accessing this data themselves. If a deactivation has been made at domain or cookie level, this remains in place for all tracking tags implemented with Google Tag Manager.
The legal basis for the transfer of the IP address is Art. 6 para. 1 lit. f DSGVO. As a legitimate interest serves our in an administration of our website services and the triggering of other tags.
For more information on data processing, please visit: https://support.google.com/tagmanager/answer/7157428


a) Adobe Fonts


We use Adobe Fonts from Adobe Systems Software Ireland Limited (Ireland, EU) on our website for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into the browser cache in order to display texts and fonts correctly. For such integration, processing of your IP address is technically necessary so that the content can be sent to your browser. Your IP address is therefore transmitted to Adobe. For licensing reasons, it is necessary that page views are counted, which is why your browser transmits, among other things, our Adobe customer ID as website operator. No cookies are set in the process. You can object to this data processing at any time via the settings of the browser used or certain browser extensions. One such extension is the Matrix-based firewall uMatrix for the Firefox and Google Chrome browsers. Please note that this may result in functional restrictions on the website. If your browser does not support web fonts, a standard font will be used by your computer.
Your data is processed on the basis of Art. 6 (1) (f) DSGVO and is based on our legitimate interest in the uniform and appealing presentation of our website.
For more information on data protection at Adobe, please see Adobe's privacy policy at https://www.adobe.com/de/privacy/policies/adobe-fonts.html.


b) Google Maps


We use Google Maps from Google Ireland Limited (Ireland, EU) on our website to display maps and for virtual tours. For such integration, processing of your IP address is technically necessary so that the content can be sent to your browser. Your IP address is therefore transmitted to Google and Google may set its own cookies.
The processing of your data is based on your consent in accordance with Art. 6 (1) a DSGVO.
For more information on data protection at Google, please refer to Google's privacy policy at https://www.google.com/policies/privacy.


c) YouTube


We use the YouTube service of Google Ireland Limited (Ireland, EU) on our website to integrate videos. For such an integration, a processing of your IP address is technically necessary so that the content can be sent to your browser. Your IP address is therefore transmitted to Google and Google may set its own cookies. We use YouTube in "extended data protection mode", so that no cookies are set by YouTube to analyze user behavior.
The processing of your data is based on your consent in accordance with Art. 6 (1) a DSGVO.
For more information on data protection at Google, please refer to Google's privacy policy at https://www.google.com/policies/privacy.


d) Chat service


We have integrated the chat service Zendesk of the provider Zendesk Inc. (USA) on our website. This allows you to ask us questions or leave a request and contact details. All data fields marked as mandatory are required to process your request. Failure to provide this information will result in us not being able to process your request. Alternatively, you can send us a message via the contact email. We process the data for the purpose of answering your request.
For the display and functionality of the chat service, the transmission of your IP address as well as technical device and browser information to the chat service provider is required.
If your request is directed towards the preparation or execution of a contract with us, Art. 6 (1) b DSGVO is the legal basis for data processing. In addition, it serves our legitimate interest pursuant to Art. 6 (1) (f) DSGVO in a quick and targeted processing of questions from website visitors and companies.
Cookies may be set on your terminal device to integrate the service. Cookies are set with your consent pursuant to Section 25 (1) TTDSG, which you can revoke at any time with future effect via our Consent Management Tool.
When using the service, a transfer of your data to the USA cannot be ruled out. Please note the information in the section "Data transfer to third countries". For more information on data protection at Zendesk, please refer to Zendesk's privacy policy at https://www.zendesk.de/company/agreements-and-terms/privacy-notice/#georedirect.


e) Weather widget


We have implemented an application on our website that shows you the weather and time depending on whether you agree to the localization of your location. For this purpose, current weather data from the provider openweathermap.org of Openweather Ltd (United Kingdom) is displayed.
To display the weather data and the time, the transmission of the IP address to Openweather Ltd. is technically necessary. The display of the weather forecast is done in the interest of an appealing and informative presentation of our website. This constitutes a legitimate interest and the transfer of the IP address is thus based on Art. 6(1)(f) DSGVO.
The United Kingdom does constitute a third country within the meaning of the GDPR. However, the transfer of personal data to Openweather Ltd. is based on an adequacy decision of the European Union within the meaning of Art. 45 DSGVO. For more information on data protection at Openweather Ltd., please refer to the privacy notices of Openweather Ltd. at: https://openweather.co.uk/privacy-policy.


f) We use the Mouseflow analysis tool on our website. Mouseflow's platform is 100% GDPR (DSGVO) compliant, as required by the European Union. You can learn more about the processing of data here: https://mouseflow.com/de/privacy-policy/ Mouseflow ApS, Flaesketorvet 68, 1711 Copenhagen V, Denmark

3. Data processing for the implementation of seminars
3.1 Transfer of personal data to the lecturers

We pass on personal data - e.g. the names of participants and contact details - to our lecturers for the purpose of conducting the event. The presenters provide us with information on the participation of the participants in order to be able to send corresponding certificates or confirmations of participation to the participants after the event.
The legal basis for the data processing is Art. 6 para. 1 letter b DSGVO.


3.2 Video streaming services

In order to communicate with prospective or existing contractual partners or to be able to provide services to our customers, we use various video streaming services. In doing so, your personal data is collected and processed by us and the provider of the respective conference tool for communication purposes.
In doing so, the provider of the tool processes all technical data that is required to handle the online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speaker, and the type of connection.
If content is exchanged, uploaded or otherwise made available within the tool, it cannot be ruled out that this will also be stored on the servers of the providers. Such content includes, in particular, cloud recordings, chat/ instant messages, voicemails, uploaded photos and videos, files and other information shared while using the service.
As far as the video streaming service is used to conduct the seminar, the data processing is based on Art. 6 para. 1 letter b DSGVO. Furthermore, the use of the tools serves the general simplification and acceleration of communication with us or our company, so that in this respect we carry out processing of personal data based on our legitimate interest within the meaning of Art. 6 (1) f DSGVO.
Online meetings are only recorded if we have informed you of this in advance and you have consented to the recording. The legal basis in this case is Art. 6 para. 1 lit. a DSGVO.
We use the following video streaming services:


(a) Zoom
Zoom is a service of Zoom Video Communications, Inc (USA - "Zoom"). With Zoom, a transmission of data to the USA cannot be excluded. Please refer to the notes in the section "Data transfer to third countries". For more information on data protection at Zoom, please refer to Zoom's privacy policy: https://explore.zoom.us/de/privacy/.


b) Teams
We use the Teams service provided by Microsoft Ireland Operations Limited (Ireland, EU - "Teams"). For more information on data protection at Teams, please see: https://www.microsoft.com/licensing/docs/view/Microsoft-Products-and-Services-Data-Protection-Addendum-DPA.


c) Webex
Webex is a video streaming service provided by Cisco Systems, Inc (USA - "Webex"). With Webex, a transfer of data to the USA cannot be ruled out. Please note the information in the section "Data transfer to third countries". Further information on data protection at Webex can be found at: https://www.cisco.com/c/de_de/about/legal/privacy-full.html.


d) Skype
In addition, we use the Skype service of Microsoft Ireland Operations Limited (Ireland, EU - "Skype"). For more information about Skype's privacy practices, please visit: https://www.microsoft.com/licensing/docs/view/Microsoft-Products-and-Services-Data-Protection-Addendum-DPA.


e) GoToMeeting
We use the GoToMeeting service provided by LogMeIn Ireland Unlimited Company (Ireland, EU - "GoToMeeting"). For more information on data protection with Teams, please visit: https://www.goto.com/de/company/legal/privacy.


4. Data processing on the learning world platform
4.1 Registration

We offer e-learning products on the Learning World platform ("Learning World") in connection with our seminars, in particular for the preparation and follow-up of the events. For this purpose, registration via the website is required. The required information can be seen from the input mask for registration. The provision of the information marked as mandatory is mandatory in order to complete the registration. The data provided will be processed for the purpose of providing the service.
The e-learning offer is part of the contractual services, so that the processing of personal data insofar takes place for the execution of the contract and is based on Art. 6 para. 1 letter b DSGVO.
The provision of further data is voluntary. We process such voluntarily provided data on the basis of Art. 6 para. 1 letter f DSGVO.


4.2 Use of e-learning products.

For the use of the videos and various e-learning products on the Learning World platform, we cooperate with Materna GmbH (Germany). Therefore, the transmission of your IP address to Materna GmbH is technically necessary for the display of the videos and various e-learning products.
The e-learning products are part of the contractual service. Therefore, the transmission of the IP address is based on Art. 6 para. 1 letter b DSGVO.
Further information on data processing can be found at: https://www.materna-tmt.de/datenschutz#weitere-informationen.

5. Data processing on our social media pages

We are represented on several social media platforms with a company page. Through this, we would like to offer further opportunities for information about our company and for exchange.
When you visit or interact with a profile on a social media platform, personal data about you may be processed. Information associated with a social media profile used also regularly constitutes personal data. This also covers messages and statements made while using the profile. In addition, during your visit to a social media profile, certain information about it is often automatically collected, which may also constitute personal data.


5.1 Visiting a social media page


a) Facebook and Instagram


When you visit our Facebook or Instagram page, through which we present our company or individual products from our range, certain information about you is processed. The sole controller of this processing of personal data is Meta Platforms Ireland Limited (Ireland, EU - "Meta"). For more information about the processing of personal data by Meta, please visit https://www.facebook.com/privacy/explanation. Meta offers the possibility to object to certain data processing; related information and opt-out options can be found at https://www.facebook.com/settings?tab=ads.
Meta provides us with anonymized statistics and insights for our Facebook and Instagram page, which help us gain insights into the types of actions people take on our page (so-called "page insights"). These Page Insights are created based on certain information about individuals who have visited our Page. This processing of personal data is carried out by Meta and us as joint controllers. The processing serves our legitimate interest to evaluate the types of actions taken on our site and to improve our site based on these insights.
The legal basis for this processing is Article 6 (1) (f) DSGVO.
We cannot associate the information obtained via Page Insights with individual user profiles interacting with our Facebook and Instagram page. We have entered into a joint controller agreement with Meta, which sets out the distribution of data protection obligations between us and Meta. For details about the processing of personal data to create Page Insights and the agreement entered into between us and Meta, please visit https://www.facebook.com/legal/terms/information_about_page_insights_data. With regard to these data processing operations, you have the option of asserting your data subject rights (see "Your rights" in this regard) against Meta as well. Further information on this can be found in Meta's privacy policy at https://www.facebook.com/privacy/explanation.
Please note that, in accordance with the Meta Privacy Policy, user data is also processed in the USA or other third countries. Meta only transfers User Data to countries for which an adequacy decision has been issued by the European Commission in accordance with Article 45 of the GDPR or on the basis of appropriate safeguards in accordance with Article 46 of the GDPR.


b) LinkedIn
For the processing of personal data when visiting our LinkedIn page, LinkedIn Ireland Unlimited Company (Ireland, EU - "LinkedIn") is basically the sole controller. For more information about the processing of personal data by LinkedIn, please visit https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy.
When you visit, follow or engage with our LinkedIn company page, LinkedIn processes personal data to provide us with anonymized statistics and insights. This provides us with insights into the types of actions that people take on our site (so-called page insights). For this purpose, LinkedIn processes in particular such data that you have already provided to LinkedIn via the information in your profile, such as data on function, country, industry, seniority, company size and employment status. In addition, LinkedIn will process information about how you interact with our LinkedIn company page, such as whether you are a follower:in our LinkedIn company page. By the page insights, LinkedIn does not provide us with any personal data about you. We only have access to the aggregated Page Insights. It is also not possible for us to draw conclusions about individual members via the information in the Page Insights. This processing of personal data in the context of the Page Insights is carried out by LinkedIn and us as joint controllers. The processing serves our legitimate interest to evaluate the types of actions taken on our LinkedIn company page and to improve our company page based on these insights.
The legal basis for this processing is Article 6(1)(f) DSGVO.
We have entered into a joint controller agreement with LinkedIn, which sets out the distribution of data protection obligations between us and LinkedIn. The agreement is available at: https://legal.linkedin.com/pages-joint-controller-addendum. Thereafter, the following applies:
- LinkedIn and we have agreed that LinkedIn is responsible for enabling you to exercise your rights under the GDPR. You can contact LinkedIn to do so online via the following link (https://www.linkedin.com/help/linkedin/ask/PPQ?lang=de) or reach LinkedIn via the contact details in the Privacy Policy. You can contact the Data Protection Officer at LinkedIn Ireland via the following link: https://www.linkedin.com/help/linkedin/ask/TSO-DPO. You may also contact us at our provided contact details about exercising your rights in connection with the processing of personal data in the context of Page Insights. In such a case, we will forward your request to LinkedIn.
- LinkedIn and we have agreed that the Irish Data Protection Commission is the lead supervisory authority overseeing processing for Page Insights. You always have the right to lodge a complaint with the Irish Data Protection Commission (see at www.dataprotection.ie) or any other supervisory authority.
Please note that according to the LinkedIn Privacy Policy, personal data is also processed by LinkedIn in the US or other third countries. LinkedIn transfers personal data only to countries for which an adequacy decision has been issued by the European Commission in accordance with Article 45 of the GDPR or on the basis of appropriate safeguards in accordance with Article 46 of the GDPR.


5.2 Comments and direct messages
We also process information that you have provided to us via our company page on the respective social media platform. Such information may be the username used, contact details or a message to us. These processing operations by us are carried out as the sole responsible party. We process this data on the basis of our legitimate interest in contacting inquiring persons.
The legal basis for the data processing is Art. 6 para. 1 letter f DSGVO. Further data processing may take place if you have consented (Art. 6 para. 1 letter a DSGVO) or if this is necessary for the fulfillment of a legal obligation (Art. 6 para. 1 letter c DSGVO).


5.3 Comment management service

We use the Trello Boards service of Trello Inc (USA - "Trello") to manage comments on our social media company pages. If a user:inside posts a comment via the comment function on one of our company pages, then the social media ID (e.g., the Facebook user name), the comment content, and the date/time of the comment are displayed via the software. In the process, this data is also transmitted to the provider of the software.
We process this personal data in order to be able to moderate the comments on our company pages and to detect violations of the netiquette rules and criminal content. The processing of personal data is thus based on Art. 6 para. 1 lit. c and Art. 6 para. 1 lit. f DSGVO for the fulfillment of legal obligations.
In the case of Trello, a transfer of data to the USA cannot be ruled out. Please note the information in the section "Data transfer to third countries". For more information on data protection at Trello, please see Trello's privacy policy: https://www.atlassian.com/legal/product-specific-terms#trello-specific-terms.

6. Further data processing
6.1 Contact via e-mail

If you send us a message via the contact email provided, we will process the transmitted data for the purpose of responding to your inquiry. We process this data based on our legitimate interest in contacting inquiring persons. The legal basis for the data processing is Art. 6 para. 1 letter f DSGVO.


6.2 Customer and interested party data

If you contact our company as a customer or interested party, we process your data to the extent necessary to establish or implement the contractual relationship. This regularly includes the processing of the personal master, contract and payment data provided to us as well as contact and communication data of our contact persons for commercial customers and business partners. The legal basis for this processing in the case of contracts with end customers is Article 6 (1) (b) DSGVO and Article 6 (1) (f) DSGVO in the case of a contact person for commercial customers and clients.
We also process customer and interested party data for evaluation and marketing purposes. This processing is carried out on the legal basis of Art. 6 Para. 1 Letter f DSGVO and serves our interest to further develop our offer and to inform you specifically about our offers. Further data processing may take place if you have consented (Art. 6 para. 1 letter a DSGVO) or if this is necessary for the fulfillment of a legal obligation (Art. 6 para. 1 letter c DSGVO).


6.3 Use of the e-mail address for marketing purposes

We may use the email address you provide when registering or ordering to inform you about our own similar products and services offered by us. The legal basis is Art. 6 para. 1 lit. f DSGVO in conjunction with. § Section 7 (3) UWG. You can object to this at any time without incurring any costs other than the transmission costs according to the prime rates. To do so, you can unsubscribe by clicking on the unsubscribe link contained in each mailing or by sending an e-mail to info@kitzmann.biz.


Status: June 2022