INTRODUCTION

​

We at 5L Partners GmbH & Co. KG attach great importance to the protection of your personal data. Both the protection of privacy and the personal data of our customers and their stakeholders (e.g. applicants) are important to us.

It is generally possible to use our website without providing personal data.

We treat your data carefully in accordance with the applicable data protection provisions of the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). Your data is always processed in accordance with the currently valid provisions.

 

In this privacy policy, we explain how, to what extent and for what purpose we collect and subsequently process personal data and information and inform you of the rights to which you are entitled.

​

1. Definitions of terms

This privacy policy is based on the terms used in the relevant data protection regulations (GDPR and BDSG). In the following, we would like to explain the terms used for a better understanding:

​

a) Personal data

Personal data is any information relating to an identified or identifiable natural person (hereinafter "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

​

b) Data subject

Data subject is any identified or identifiable natural person whose personal data is processed by the controller responsible for the processing.

​

c) Processing

Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

​

d) Restriction of processing

Restriction of processing is the marking of stored personal data with the aim of restricting its future processing.

​

e) Profiling

Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.

​

g) Controller or controller responsible for the processing

Controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

 

h) Processor

A processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

​

i) Recipient

Recipient is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.

​

j) Third party

A third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

​

k) Consent

Consent is any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

 

2 Responsible person and contact details

The responsible person within the meaning of the General Data Protection Regulation is

5L Partners GmbH & Co. KG

Mühlfelder Straße 20

82211 Herrsching

 

Managing directors: Christian Ruhland, Thomas Saller

Register court: Munich

Register number: HRA 118950 / HRB 290083

 

Telephone: +49 172 26 11 542

​

If you have any questions about data protection, you can contact us at the following e-mail address: info@5lpartners.de

 

3. Processing of your personal data

a) Which persons are affected?

​

i. Visitors to our website

Visitors are all persons who visit or use our website or online services.

 

ii. Customers/potential customers

Clients have engaged us for one of our consulting services. All points listed in this declaration regarding clients also apply to potential clients.

 

iii. Reference provider

We refer to reference providers as persons from whom we obtain further background information about our clients' applicants (if necessary and in consultation with our client).

 

b) What data is collected?

​

i. Visitors to our website

We collect data from visitors to our website to a very limited extent. This includes information such as visit times, browser type and version, IP address and language settings as well as the website from which you were referred to us. As soon as you use the contact options offered by us, all information transmitted to us is recorded. When using this general data and information, we do not draw any conclusions about the person concerned. For security purposes, i.e. in order to be able to trace the attack in the event of attacks on our platforms, we store this data including the IP address for a period of 14 days and then anonymize the IP addresses or delete the data.

 

ii. Customers/potential customers

In order to be able to offer you as a customer the best possible service, we must collect and process certain data from you. We only use data that enables us to provide you with a better quality of service. This primarily includes the contact details of individual contact persons in your organization, but also the data of your employees and applicants with whom interaction takes place in the context of projects. Of course, you are welcome to provide us with further information voluntarily.

​

c) How is the data recorded?

​

i. Visitors to our website

Your personal data is collected through the use of cookies and analysis tools in accordance with the settings in your browser. Further details can be found in the relevant sections of this Privacy Policy.

 

ii. Customers/potential customers

Your personal data is generally collected in two ways:

Directly from you (e.g. by email/post, message on social networks, contact requests/profile visits/confirmations of contact, by telephone, face-to-face meetings, etc.).

​

or

​

from third parties (e.g. research on company websites, from publicly accessible data in social networks such as Xing or LinkedIn, lists of participants at events, from online or newspaper articles, etc.).

​

iii. Reference provider:in

Your personal data will only be collected if an applicant names you as a contact person for a reference after consultation with our customer and agrees this naming with you beforehand.

​

d) How do we use your personal data?

​

i. Customers/potential customers

We use your data to provide you with the best possible consulting service. The more information we have about your company, your vacancies / recruitment processes and your plans, the better we can advise you.

In compliance with all legal requirements, these measures include.

​

• Collection of your data directly from you or from other (public) sources (see point 3.c)

• Storage and regular updating of your data in our database

• Conducting telephone, video or face-to-face discussions as well as workshops and meetings as part of our consulting services

• Preparation and sending of results reports as part of the consulting service provided to you

• Information about other services (e.g. events, etc.)

• Conducting surveys (e.g. satisfaction with our services, etc.)

• Fulfillment of our obligations under contracts and legal provisions (e.g. defense of legal claims)

​

ii. Visitors to our website

We collect data from visitors to our website to a very limited extent and use it to make it easier for you to navigate our website or to improve our services.

​

iii. Reference provider

We use your data if an applicant has named you as a contact person for a reference after consultation with our customer and has previously agreed this naming with you.

In compliance with all legal regulations, the relevant measures include

Collecting your data directly from you or from other (public) sources (see point 3.c)

Storing and regularly updating your data in our database

Conducting reference interviews

 

e) To whom is personal data passed on?

i. Clients/potential clients

As part of our work, your data will be passed on to external service providers such as hosting companies, IT service providers, cloud services, etc., provided that a corresponding data processing contract exists. In doing so, we comply with the applicable legal provisions. Your data is stored on the servers of Microsoft Cloud Germany under the trustee model of T-Systems.

​

ii. Visitors to our website

As part of our work, your data will be passed on to external service providers such as hosting companies, IT service providers, cloud services, etc., provided that a corresponding data processing contract exists. In doing so, we comply with the applicable legal provisions.

 

iii. Reference provider

As part of our work, your data will be passed on to external service providers such as hosting companies, IT service providers, cloud services, etc., provided that a corresponding data processing contract exists. In doing so, we comply with the applicable legal provisions. Your data is stored on the servers of Microsoft Cloud Germany under the trustee model of T-Systems.

​

f) What is the legal basis for storing personal data?

Art. 6 para. 1 lit. a EU General Data Protection Regulation (GDPR) is the legal basis for the processing of personal data for which we obtain consent for a specific processing purpose.

When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.

​

Insofar as the processing of personal data is necessary to fulfill a legal obligation, Art. 6 para. 1 lit. c GDPR serves as the legal basis.

​

If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis for the processing.

 

g) How long will the data be stored?

The retention period is based on the applicable statutory periods. After these periods have expired, the corresponding data is routinely deleted, provided it is no longer required for contract fulfillment or legal protection.

 

You can give us permission to store your data for longer at any time.

​

h) Consent

In certain circumstances, we may ask you for your consent to process your personal data. This is done by means of an "opt-in", i.e. an unequivocal expression of will in the form of a declaration or a confirmatory act. We will keep a record of your consent; you can withdraw this consent at any time.

​

i) Is there automated decision-making, including profiling?

We do not use automated decision-making or profiling.

 

j) How is the data protected?

We use numerous technical and organizational measures to ensure that your data is protected as completely as possible. These include, for example, the use of Microsoft Cloud Germany with the trustee model of T-Systems as well as secure e-mail communication via S/MIME certificates and many other measures.

However, we would like to point out that data transmission over the Internet (e.g. when communicating by email) can have security gaps. Complete protection of data against access by third parties is not possible.

​

k) What rights do I have?

The GDPR grants you the following rights with regard to your personal data:

 

You have the right to withdraw your given consents at any time and with immediate effect.

You have the right to information about the personal data stored about you.

You have the right to data portability. This means that we will transmit your data in machine-readable format within 72 hours.

You have the right to rectification of your personal data.

You have the right to erasure of your personal data.

You have the right to restrict the processing of your personal data.

You have the right to object to the processing of your personal data.

 

In addition, you have the right to complain to a data protection supervisory authority about the processing of your personal data by us.

​

The data protection authority responsible for us is the

Bavarian State Office for Data Protection Supervision

Promenade 27 (Castle)

91522 Ansbach

Telephone: +49 981 531300

Fax: +49 981 53981300

E-mail: poststelle@lda.bayern.de

​

4. Status of this privacy policy

The status of this declaration is 02.03.2024. We reserve the right to change this data protection declaration at any time with effect for the future; you will be informed of any changes in good time.

 

5. Appendix

a) Cookies

i. Session cookies

We use so-called cookies on our website. Cookies are small text files or other storage technologies that are placed and stored on your end device by the Internet browser you use. These cookies process certain information from you, such as your browser or location data or your IP address, to an individual extent.

​

This processing makes our website more user-friendly, effective and secure, as the processing enables, for example, the reproduction of our website in different languages or the offer of a shopping cart function.

The legal basis for this processing is Art. 6 para. 1 lit. b.) GDPR, insofar as these cookies process data for contract initiation or contract processing.

​

If the processing does not serve to initiate or process a contract, our legitimate interest lies in improving the functionality of our website. The legal basis in this case is Art. 6 para. 1 lit. f) GDPR.

​

These session cookies are deleted when you close your Internet browser.

​

ii. Third-party cookies

Our website may also use cookies from partner companies with whom we cooperate for the purposes of advertising, analysis or the functionalities of our website.

For details on this, in particular on the purposes and legal bases of the processing of such third-party cookies, please refer to the following information.

 

iii. Removal option

You can agree or object to the installation of cookies via our "cookie banner".

​

You can prevent or restrict the installation of cookies by changing the settings of your Internet browser. You can also delete cookies that have already been saved at any time. However, the steps and measures required for this depend on the specific Internet browser you are using. If you have any questions, please use the help function or documentation of your Internet browser or contact its manufacturer or support. In the case of so-called Flash cookies, however, processing cannot be prevented via the browser settings. Instead, you must change the settings of your Flash player. The steps and measures required for this also depend on the specific Flash player you are using. If you have any questions, please also use the help function or documentation of your Flash player or contact the manufacturer or user support.

 

However, if you prevent or restrict the installation of cookies, this may mean that not all functions of our website can be used to their full extent.

​

b) Google Fonts

We integrate the fonts ("Google Fonts") of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/, Opt-Out: https://adssettings.google.com/authenticated.

 

c) Google Maps

We integrate the maps of the "Google Maps" service of the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The processed data may include, in particular, IP addresses and location data of users, which, however, are not collected without their consent (usually as part of the settings of their mobile devices). The data may be processed in the USA. Privacy policy: https://www.google.com/policies/privacy/, opt-out: https://adssettings.google.com/authenticated.

​

d) Google Analytics

If you have given your consent, Google Analytics, a web analysis service of Google Inc ("Google"), is used on this website. The use includes the "Universal Analytics" operating mode. This makes it possible to assign data, sessions and interactions across multiple devices to a pseudonymous user ID and thus to analyze the activities of a user across devices.

​

Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. However, if IP anonymization is activated on this website, your IP address will first be truncated by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. We would like to point out that Google Analytics has been extended on this website to include IP anonymization in order to ensure anonymous collection of IP addresses (so-called IP masking). The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You can find more information on terms of use and data protection at https://www.google.com/analytics/terms/de.html or at https://policies.google.com/?hl=de.

​

i. Purposes of the processing

Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator.

​

ii. Legal basis

The legal basis for the use of Google Analytics is your consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR.

​

iii. Recipients / categories of recipients

The recipient of the data collected is Google.

​

iv. Transfer to third countries

The personal data is transferred to the USA under the EU-US Privacy Shield on the basis of the adequacy decision of the European Commission. You can access the certificate here.

​

v. Duration of data storage

The data sent by us and linked to cookies, user identifiers (e.g. user ID) or advertising IDs are automatically deleted after 14 months. Data whose retention period has been reached is automatically deleted once a month.

 

vi. Rights of data subjects

You can revoke your consent at any time with effect for the future by preventing the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.

You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser add-on. Opt-out cookies prevent the future collection of your data when you visit this website. To prevent Universal Analytics from collecting data across different devices, you must opt out on all systems used.

​