1. Data Protection at a Glance General Information The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data by which you can be personally identified. Detailed information on data protection can be found in the Privacy Policy set out below. Data Collection on This Website Who is responsible for data collection on this website? Data processing on this website is carried out by the website operator. The operator’s contact details can be found in the section “Information on the Responsible Party” in this Privacy Policy. How do we collect your data? Some data is collected when you provide it to us, for example, by entering information into a contact form. Other data is collected automatically or after your consent when you visit the website through our IT systems. This primarily includes technical data (e.g., internet browser, operating system, or time of page access). This data is collected automatically as soon as you enter this website. What do we use your data for? Some of the data is collected to ensure error-free provision of the website. Other data may be used to analyze your user behavior. If contracts can be concluded or initiated via the website, the transmitted data will also be processed for contract offers, orders, or other inquiries. What rights do you have regarding your data? You have the right at any time to receive information free of charge about the origin, recipient, and purpose of your stored personal data. You also have the right to request correction or deletion of this data. If you have given consent to data processing, you may revoke this consent at any time for the future. You also have the right, under certain circumstances, to request restriction of the processing of your personal data. Furthermore, you have the right to lodge a complaint with the competent supervisory authority. You may contact us at any time with regard to this or any other questions relating to data protection. ⸻ Analytics Tools and Third-Party Tools When visiting this website, your browsing behavior may be statistically analyzed. This is primarily done using analytics programs. Detailed information on these analytics programs can be found in the Privacy Policy below. ⸻ 2. Hosting onepage.io We host the content of our website with the following provider: Onepage GmbH Neue Rothofstr. 13–19 60313 Frankfurt am Main Germany onepage.io enables us to build websites, landing pages, link trees, and quiz pages. The websites are fully generated and hosted on onepage.io. For this purpose, onepage.io processes personal data. All personal data that you enter on this website or that is automatically collected will therefore also be processed and stored on onepage.io’s servers. The legal basis for data processing is Article 6 (1) (f) GDPR. The website operator has a legitimate interest in the provision of this service. If consent has been requested, processing is carried out exclusively on the basis of Article 6 (1) (a) GDPR and Section 25 (1) TDDDG. Consent may be revoked at any time. Further details can be found in the provider’s Privacy Policy: https://onepage.io/de/datenschutzerklarung Data Processing Agreement We have concluded a data processing agreement (DPA) with the above-mentioned provider. This legally required agreement ensures that personal data of our website visitors is processed only in accordance with our instructions and in compliance with the GDPR. ⸻ 3. General Information and Mandatory Information Data Protection The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations and this Privacy Policy. When you use this website, various personal data is collected. Personal data is data by which you can be personally identified. Please note that data transmission over the Internet (e.g., communication by email) may have security vulnerabilities. Complete protection of data against access by third parties is not possible. ⸻ Information on the Responsible Party The responsible party for data processing on this website is: Thorsten Kies Rethinking Transformation An der Bucht 49 10317 Berlin Germany Phone: +49 (0) 30 76686787 Email: info@rethinking-transformation.com The responsible party is the natural or legal person who alone or jointly determines the purposes and means of processing personal data. ⸻ Storage Period Unless a more specific storage period is stated within this Privacy Policy, your personal data will remain with us until the purpose for data processing no longer applies. If you assert a legitimate request for deletion or revoke your consent, your data will be deleted unless we have other legally permissible reasons for storing your data (e.g., tax or commercial retention obligations). In the latter case, deletion will take place after these reasons cease to apply. ⸻ Legal Bases for Data Processing If you have given consent, we process your personal data on the basis of Article 6 (1) (a) GDPR or Article 9 (2) (a) GDPR if special categories of data are processed. If you have explicitly consented to the transfer of personal data to third countries, processing is also based on Article 49 (1) (a) GDPR. If cookies or similar technologies are used based on consent, processing is carried out in accordance with Article 6 (1) (a) GDPR and Section 25 (1) TDDDG. If your data is required for contract fulfillment or pre-contractual measures, processing is based on Article 6 (1) (b) GDPR. If processing is necessary to fulfill a legal obligation, it is based on Article 6 (1) (c) GDPR. Processing may also be based on our legitimate interest pursuant to Article 6 (1) (f) GDPR. ⸻ Recipients of Personal Data We work with external service providers in the course of our business activities. Personal data is only shared if necessary for contract fulfillment, if we are legally obliged to do so, if we have a legitimate interest, or if another legal basis permits disclosure. When using data processors, we share personal data only on the basis of a valid data processing agreement. ⸻ Right to Withdraw Consent You may revoke your consent at any time. The legality of data processing carried out before revocation remains unaffected. ⸻ Right to Object (Article 21 GDPR) If data processing is based on Article 6 (1) (e) or (f) GDPR, you have the right to object at any time for reasons arising from your particular situation. If your personal data is processed for direct marketing purposes, you have the right to object at any time. If you object, your data will no longer be used for direct marketing purposes. ⸻ Right to Lodge a Complaint You have the right to lodge a complaint with a supervisory authority within the EU. ⸻ Right to Data Portability You have the right to receive data processed automatically on the basis of your consent or contract in a commonly used, machine-readable format. ⸻ Right to Information, Rectification, and Erasure You have the right to obtain information about your stored personal data, its origin, recipient, and purpose, and the right to request correction or deletion. ⸻ Right to Restrict Processing You may request restriction of processing under the conditions set out in Article 18 GDPR. ⸻ SSL/TLS Encryption This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content. You can recognize an encrypted connection by the “https://” in your browser’s address bar.

4. Data Collection on This Website Cookies Our website uses so-called “cookies.” Cookies are small data packets and do not cause any damage to your device. They are stored either temporarily for the duration of a session (session cookies) or permanently (persistent cookies) on your device. Session cookies are automatically deleted at the end of your visit. Persistent cookies remain stored on your device until you delete them yourself or your web browser automatically deletes them. Cookies may originate from us (first-party cookies) or from third-party providers (third-party cookies). Third-party cookies enable the integration of certain services provided by third parties within websites (e.g., cookies for payment processing services). Cookies serve various purposes. Many cookies are technically necessary, as certain website functions would not operate without them (e.g., shopping cart functionality or video display). Other cookies may be used to analyze user behavior or for advertising purposes. Cookies required to carry out electronic communication processes, provide certain functions requested by you, or optimize the website (necessary cookies) are stored on the basis of Article 6 (1) (f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies to ensure technically error-free and optimized provision of services. If consent has been requested for the storage of cookies or comparable recognition technologies, processing takes place exclusively on the basis of your consent (Article 6 (1) (a) GDPR and Section 25 (1) TDDDG). Consent may be revoked at any time. You can configure your browser to inform you about the setting of cookies and allow cookies only in individual cases, exclude acceptance of cookies for specific cases or generally, and activate automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website. Information about which cookies and services are used on this website can be found in this Privacy Policy. ⸻ Server Log Files The website provider automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These include: • Browser type and version • Operating system used • Referrer URL • Hostname of the accessing computer • Time of the server request • IP address This data is not merged with other data sources. The collection of this data is based on Article 6 (1) (f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of the website — for this purpose, server log files must be recorded. ⸻ Contact Form If you submit inquiries via the contact form, your details from the inquiry form, including the contact information you provide, will be stored for the purpose of processing the inquiry and in case of follow-up questions. We do not share this data without your consent. The processing of this data is based on Article 6 (1) (b) GDPR if your request is related to the performance of a contract or necessary to carry out pre-contractual measures. In all other cases, processing is based on our legitimate interest in effectively handling inquiries (Article 6 (1) (f) GDPR) or on your consent (Article 6 (1) (a) GDPR), if requested. Consent may be revoked at any time. The data you enter in the contact form will remain with us until you request deletion, revoke your consent, or the purpose for data storage no longer applies (e.g., after completion of your inquiry). Mandatory statutory provisions — especially retention periods — remain unaffected. ⸻ Inquiries by Email, Telephone, or Fax If you contact us by email, telephone, or fax, your inquiry, including all resulting personal data (name, inquiry details), will be stored and processed for the purpose of handling your request. We do not share this data without your consent. Processing is based on Article 6 (1) (b) GDPR if your request is related to the performance of a contract or necessary to carry out pre-contractual measures. In all other cases, processing is based on our legitimate interest in effectively handling inquiries (Article 6 (1) (f) GDPR) or on your consent (Article 6 (1) (a) GDPR), if requested. Consent may be revoked at any time. The data you send us via contact inquiries will remain with us until you request deletion, revoke consent, or the purpose for data storage no longer applies. Mandatory statutory provisions — especially retention periods — remain unaffected. ⸻ 5. Newsletter Newsletter Data If you wish to receive the newsletter offered on this website, we require your email address and information that allows us to verify that you are the owner of the specified email address and consent to receiving the newsletter. No additional data is collected, or only on a voluntary basis. We use this data exclusively for sending the requested information and do not share it with third parties. Processing of the data entered in the newsletter registration form takes place exclusively on the basis of your consent (Article 6 (1) (a) GDPR). You may revoke your consent at any time, for example via the “unsubscribe” link in the newsletter. The legality of data processing carried out before revocation remains unaffected. The data stored for the purpose of receiving the newsletter will be stored until you unsubscribe and will be deleted after you unsubscribe or when the purpose ceases to apply. We reserve the right to delete or block email addresses from our newsletter distribution list at our discretion within the scope of our legitimate interest pursuant to Article 6 (1) (f) GDPR. After unsubscribing, your email address may be stored in a blacklist to prevent future mailings. The blacklist data is used solely for this purpose and is not merged with other data. The storage in the blacklist is not time-limited. You may object to this storage if your interests outweigh our legitimate interest. ⸻ 6. Plugins and Tools YouTube (Enhanced Privacy Mode) This website embeds videos from YouTube. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. When you visit a page with embedded YouTube content, a connection to YouTube servers is established. The YouTube server is informed which of our pages you have visited. If you are logged into your YouTube account, YouTube may associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account. We use YouTube in enhanced privacy mode. According to YouTube, videos played in enhanced privacy mode are not used to personalize browsing on YouTube. Advertisements displayed in enhanced privacy mode are also not personalized. In enhanced privacy mode, no cookies are set. However, local storage elements may be stored in the user’s browser, which may contain personal data and enable recognition. Use of YouTube is based on our legitimate interest in an appealing presentation of our online offerings (Article 6 (1) (f) GDPR). If consent has been requested, processing is carried out exclusively on the basis of Article 6 (1) (a) GDPR and Section 25 (1) TDDDG. Consent may be revoked at any time. Further information: https://policies.google.com/privacy Google is certified under the EU-US Data Privacy Framework (DPF). ⸻ Google Maps This website uses Google Maps. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. To use Google Maps, your IP address must be stored. This information is generally transmitted to a Google server in the USA and stored there. We have no influence over this data transfer. Google Maps is used in the interest of an appealing presentation of our online offerings and easy location of places specified on the website. This constitutes a legitimate interest under Article 6 (1) (f) GDPR. If consent has been requested, processing is carried out exclusively on the basis of Article 6 (1) (a) GDPR and Section 25 (1) TDDDG. Consent may be revoked at any time. Data transfers to the USA are based on EU Commission standard contractual clauses. Further information: https://policies.google.com/privacy Google is certified under the EU-US Data Privacy Framework (DPF).

Das Unternehmen verfügt über eine Zertifizierung nach dem „EU-US Data Privacy Framework“ (DPF). Der DPF ist ein Übereinkommen zwischen der Europäischen Union und den USA, der die Einhaltung europäischer Datenschutzstandards bei Datenverarbeitungen in den USA gewährleisten soll. Jedes nach dem DPF zertifizierte Unternehmen verpflichtet sich, diese Datenschutzstandards einzuhalten. Weitere Informationen hierzu erhalten Sie vom Anbieter unter folgendem Link:

https://www.dataprivacyframework.gov/participant/5780.

Quelle: https://www.e-recht24.de