We process client and business partner data in compliance with data protection laws, which means it is used for very specific purposes and in accordance with the principles of data minimization.
Obviously, all our employees are intimately familiar with the legal situation in regard to data protection and the associated measures in their day-to-day work.
Information on other areas can be found here:
- Data Protection Notice for Business Partners and Contact Persons
- Data Protection Notice for Participants in Video Calls using Microsoft Teams
- Data Protection Notice for Sweepstakes/Raffles
- Data Protection Notice for the service “foxondo”
- Information for online data protection trainings can be found directly on the respective training page
- Information on data processing in social networks can be found at the lower part of this page
Do you miss statements here? Feel free to ask us.
The following information applies to our sites fox-on.com and online-datenschutz-schulung.de:
Data processing on webpages which refer to this Privacy Notice
We process website user and newsletter recipient data for the following purposes:
- Technical provision of the websites: To provide you with the web pages technically, our web server automatically collects information from your browser each time it is called up. This information is mainly affected by this:
We need to store your IP address, at least temporarily, so that our website content can be delivered to your browser.
This data is stored separately from other data that you may transmit to us and is not merged with data from other sources.
The legal basis for the data processing is Art. 6 Para. 1 Letter f GDPR, which permits the processing of data on the basis of legitimate interest. In this case, there is a legitimate interest in the secure and uninhibited operation of the web server. To ensure this, the administration must be able to detect and track attacks and malfunctions of the system via server log files, and to recognise attack patterns, accesses to the server must be saved. As soon as this data is no longer needed it is deleted. For technical reasons, the data is available to the hosting service provider, who is, however, bound by our instructions and contractually obligated to us.
- Contact Forms: You can voluntarily contact us through our contact page and forms on our website. The obligatory information needed is stated. All other information can be provided on a voluntary basis. The data you enter will be used exclusively to contact you and to process your request. The data processing is based on your voluntarily consent in accordance with Art. 6 Para.1 Letter a GDPR. You can at any time withdraw your consent with effect for the future.
If you use our customer area, cookies are used to provide you with this function. The cookies are automatically deleted at the end of each current session; a cookie to store your language selection is deleted after one month. No third parties have access to the cookies.
Insofar as cookies contain personal data, their use is based on our legitimate interests pursuant to Art. 6 Para. 1 Letter f GDPR. Our legitimate interests are to be able to provide you with the described functions.
- Customer Area: The log-in data which are submitted to all of our clients are allocated to the entire company, not a single employee: It is impossible for us to track exactly which employee from a company entered the customer area of our website. The data processed when using the customer area are processed on the basis of Art. 6 Para.1 Letter f GDPR. The legitimate interest lies in the provision of information for a limited group of people.
- Newsletter: We might send information to employees at out clients and, when requested, other interested parties. You can unsubscribe from newsletters at any time via the link in the email footer. Opening emails or clicking on links in them is only recorded anonymously, if at all, i.e. without any possibility of assigning this action to specific persons. The data are only used to send newsletters and are only made available for technical delivery to contracted service providers. This data processing is based on Art. 6 Para. 1 Letter a GDPR (consent) and, in the case of our clients’ contact persons, on Art. 6 Para. 1 Letter f GDPR. Our legitimate interest lies in the fulfilment of the contractual duty to inform on data protection topics.
- Requesting access code for Data Protection Online Training: When you complete the web form to receive an access code for the demo Data Protection Online Training, you will need to provide your email address so that we can send you this code. Any other information you provide is voluntary. We need this information to enable access, to contact you if there are any questions about use, to get an overview over participants, and to track any misuse. The legal basis is Art. 6 Para. 1 Letters b and f GDPR. Your data will not be passed on to third parties. Only our IT service providers may be able to gain insight, but are obliged to maintain confidentiality. We store your data as long as the underlying purpose has not yet ceased to apply.
- Analysing-Tools und Third-Party-Tools are not used on our website.
The personal data are stored as long as they are necessary for the purposes mentioned above and as long as required by statutory retention periods.
Data processing in social networks
Please note that the Internet is not suitable for the transmission of confidential information – so please choose a different communication channel if necessary. We will not share confidential information with you via social networks but will use other communication channels for this purpose.
Processing users’ personal data is based on our legitimate interest in effective information of users and communication with users in accordance with Art. 6 Para. 1 Letter f GDPR.
If you visit us on LinkedIn or Facebook, we point out that in this case your data may be processed outside the European Union. This could pose risks for users, for example by making it more difficult to enforce user rights.
The social networks generally also process user data for market research and advertising purposes. For example, user profiles can be created from the user behaviour and the resulting interests of the users. The user profiles can be used, for example, to place advertisements within and outside the platforms that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the users’ computers to record the usage behaviour and interests of the users. Furthermore, data may also be stored in the user profiles regardless of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).
For a detailed description of the respective processing operations and the possibilities to object (opt-out), please refer to the statements of the social networks:
Operated by New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany
For a description of how to opt-out from tracking visit this page
Operated by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
You can lodge your objection (opt-out) here
Operated by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
You can find information on Insights Data here and here
In the event of requests for information and the assertion of user rights, we would like to point out that these can be most effectively asserted with the provider. Only the provider has access to the data of the users and can directly take appropriate measures and provide information.
As the data subject you have the following rights, provided the legal conditions are fulfilled:
- Right to Information, Art. 15 GDPR
- Right to Rectification of incorrect data, Art. 16 GDPR
- Right to Erasure of Data, Art. 17 GDPR
- Right to Restriction of Processing, Art. 18 GDPR
- Right to Data Portability, Art 20. GDPR
- Right to Objection, Art. 21 GDPR
Provided the data processing is based on your consent, you may revoke it at any time, with effect on the future
You also have the right to lodge a complaint with The Data Protection Supervisory Authority regarding the processing of your data.