1. General Information
The protection of your personal data is of great importance to SCHUHEN Consulting GmbH. All information relating to you — such as your name, address, telephone number, e-mail address and any other information that can be traced back to you — is referred to as personal data. We want you to know what data we collect, when we collect it, and how we use it. We have implemented technical and organisational measures to ensure that data protection regulations are observed by us and by any external service providers we may engage. Your data is protected in accordance with applicable law. Personal data is only collected automatically on this website to the extent technically necessary.
2. Controller / Data Protection Contact
The controller responsible for data processing on this website is:
SCHUHEN Consulting GmbHChristian Schuhen
Herrnangerweg 6B
85778 Haimhausen (Germany)
Phone: 08133 / 439 8858
Fax: 08133 / 439 8872
E-Mail:
datenschutz@schuhen-consulting.de
3. Your Rights as a Data Subject
You have the following rights with regard to your personal data:
– Right to information
– Right of access
– Right to rectification or erasure
– Right to restriction of processing
– Right to object to processing
– Right to data portability
You also have the right to lodge a complaint with a data protection supervisory authority. For Bavaria, this is the Bavarian State Office for Data Protection Supervision (BayLD), Promenade 18, 91522 Ansbach, Tel: 0981/180093-0, Fax: 0981/180093-800, E-Mail: poststelle@lda.bayern.de.
To exercise your rights as a data subject, an e-mail to datenschutz@schuhen-consulting.de is sufficient. We may request proof of identity.
4. Data Processing
4.1 General Data Processing and Hosting
This website is hosted by ALL-INKL.COM – Neue Medien Münnich, René Münnich, Hauptstraße 68, 02742 Friedersdorf, Germany. When the website is accessed, the web server temporarily stores technical access data in log files: IP address (anonymised), date and time of access, page accessed and HTTP status code, user agent (browser and operating system). This data is used for operational security, error analysis and defence against attacks. It is deleted by the provider after 90 days. We have chosen not to transmit log files to our web server for analysis or archiving purposes. This data is not merged with other data sources. The legal basis is Art. 6(1)(f) GDPR (legitimate interest in a stable, secure web service).
4.2 Contact Form
When you send us a message via the contact form, the data you provide (name, e-mail, optional phone and organisation, message) is processed exclusively for the purpose of handling your enquiry and forwarded to our internal e-mail address via an encrypted SMTP connection (TLS). Data is not passed on to third parties. The legal basis is Art. 6(1)(b) GDPR (pre-contractual measures) and Art. 6(1)(f) GDPR (legitimate interest in processing your enquiry). Data is deleted once your enquiry has been fully processed, unless statutory retention obligations apply.
4.3 Technical Security Measures
We use technical mechanisms to secure the contact form and server operation: session cookies (strictly necessary, no tracking), CSRF tokens (protection against forged requests), honeypot fields (spam prevention), rate limiting (abuse protection), anonymised IP recording (last octet or last 80 bits for IPv6 removed) for the mail header only. No analytics tools, trackers or external resources are integrated. Fonts are delivered locally — no connection to Google Fonts or other CDNs.
5. Data Security
All data transmitted between your browser and this server is fully encrypted (HTTPS / TLS). Access to internal systems is role-based and restricted. Regular updates to operating systems and applications as well as data backups are in place.
6. Data Retention and Deletion
Unless otherwise specified in the detailed descriptions of our services, we process and store your personal data only for as long as is necessary to fulfil our contractual and legal obligations. Your personal data is routinely deleted or blocked when it is no longer required for the fulfilment of contractual or legal obligations, you have exercised your right to erasure, all mutual claims have been settled, and no other statutory retention obligations or legal grounds for continued storage exist.
7. Updates to this Privacy Policy
We reserve the right to amend this privacy policy as required to reflect changes in legal or technical conditions. The current version is always available on this page.
