20 St. Andrew Street
2 Collection of personal data
We collect personal data from you for one or more of the following purposes:
- To provide you with information that you have requested or which we think may be relevant to a subject in which you have demonstrated an interest;
- To initiate and complete commercial transactions with you, or the entity that you represent, for the purchase of products and/or services;
- To fulfil a contract that we have entered into with you or with the entity that you represent;
- To ensure the security and safe operation of our websites and underlying business infrastructure, and
- To manage any communication between you and us.
3 Protection of your personal data
What information does the Organisation collect?
Data protection is very important to us. Accordingly, we process personal data only in accordance with the legal provisions for data protection and data security. Our employees are committed by us to confidentiality and secrecy.
Our online offer is accessible without registration, i.e. without providing your personal data and can in principle be used without disclosing your identity or manually entering personal data. If you would like to obtain information or services, we ask for your personal information. The extent to which we process personal data is described in detail below.
Moorhouse processes personal data about business contacts (existing and potential Moorhouse clients using a customer relationship management system (CRM).
The collection of personal data about contacts and the addition of that personal data to the CRM is initiated by a Moorhouse employee and will include name, employer name, contact title, phone, email and other business contact details.
4 General information regarding the processing of personal data
3.1 Description of the processing of personal data
We use IT systems on our websites for the provision of services to our customers, for which we process the personal data described in more detail below.
Personal data relating to business contacts may be visible to and used by Moorhouse employees to learn more about an opportunity, client or they have an interest in, and may be used for the following purposes:
- Administering, managing and developing our businesses and services
- Providing information about us and our range of services
- Identifying clients/contacts with similar needs
- Marketing communications regarding relevant events
3.2 Legal basis for the processing of personal data
As far as we can we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a GDPR serves as legal basis.
In the processing of personal data necessary for the performance of a contract to which the data subject is a party, Art. 6 para. 1 lit. b GDPR serves as legal basis. This also applies to processing operations required to carry out pre-contractual actions.
If processing of personal data is required to fulfill a legal obligation that is subject to our company, Art. 6 para. 1 lit. c GDPR serves as legal basis.
If processing is necessary to safeguard the legitimate interests of our company or a third party, and if the interests, fundamental rights and freedoms of the data subject do not prevail over the first interest, Art. 6 para. 1 lit. f GDPR serves as legal basis for processing.
3.3 Disclosure of data
For the purposes set out below, we reserve the right to pass on your personal data to companies affiliated with us and / or service providers commissioned by us, provided that this is done in accordance with Art. 6 (1) sentence 1 lit. f GDPR under proportionate consideration of your interests and the Interests of our group such disclosure is necessary to enforce our rights.
Otherwise, personal data is passed on to third parties pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR, only with your expressed consent, e.g. if you inform us of your interest in services or events. In this case, the data is passed on to the relevant partners.
In addition, we will only disclose personal data to third parties if -in accordance with Art. 6 para. 1 sent. 1 lit. c GDPR- we are required to do so by law or- in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR – this is required for the settlement of contractual relationships with you.
3.4 Data deletion and storage duration
The personal data of the data subject will be deleted or blocked as soon as the purpose of the storage is invalidated. It may also be stored if provided for the European or national legislature in regulations, laws or other regulations to which the controller is subject. The data is therefore deleted or blocked if a storage period prescribed by the standards mentioned expires, unless the storage of the data is necessary for a fulfillment of the contract or an overriding legitimate interest.
5 Visiting our website
4.1 Description and scope of data processing
When you visit our website www.moorhouseconsulting.com the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a log file. The following information will be collected without your intervention and stored until automated deletion:
• IP address of the requesting computer
• Date and time of access
• Name and URL of the retrieved file
• Website from which access takes place (referrer URL)
• The browser used and, if applicable, the operating system of your computer
The log files contain IP addresses or other data that allow an assignment to a user.
4.2 Purpose of data processing
The temporary storage of the IP address by the system is necessary to allow delivery of the website to the computer of the user. To do this, the user's IP address must be kept for the duration of the session. Storage in log files is done to ensure the functionality of the website. In addition, the data is used to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this specific context. In particular, we use the data:
• To ensure a smooth connection of the website
• To ensure comfortable use of our website
• For evaluations of system security and stability
• For further administrative purposes
4.3 Legal basis of data processing
The legal basis for data processing is Art. 6 para. 1 p. 1 lit. f GDPR. Our legitimate interest follows from the data collection purposes described above. In this specific context, we do not use the data collected for the purpose of drawing conclusions about you.
4.4 Duration of storage
The data will be deleted as soon as it is no longer necessary for the purpose of its collection. In the case of the collection of data for the provision of the website, this is basically the case when the respective session is completed. As far as complete storage of IP addresses takes place in log files, the personal data will be deleted or anonymized after seven days at the latest. Any further storage is possible in connection with cookies or analysis services. In this case, the IP addresses of the users are deleted or shortened, so that a mapping of the calling client is not possible.
4.5 Contradiction and elimination possibility
The collection of data for the provision of the website and the storage of the data in log files are essential for the operation of the website. There is consequently no contradiction on the part of the user.
6 Forms on the website, newsletters, information
5.1 Description and scope of data processing
All personal data collected in connection with forms on our website are voluntarily provided by the user.
We use a form on our website where you can contact us. We collect the following personal data: name, address, e-mail address, company, industry, position, telephone number, country, your message to us.
On the website a form for the registration to our newsletter is provided, in which we which we collect the necessary personal data (name, e-mail address). We will use this information to send you newsletters. You can opt-out at any time through a link at the bottom of each e-mail, or by contacting us at firstname.lastname@example.org
5.2 Purpose of data processing
We process the personal data in order to process your inquiries, to provide you with the services you require, to issue invoices, to ensure compliance with laws and regulations, and to enforce legal claims.
5.3 Legal basis of data processing
The legal basis for data processing is Art. 6 para. 1 p. 1 lit. a and b GDPR, as each of you consent to the use of a form, or to the provision of information and a contractual service is provided.
5.4 Duration of storage
The personal data collected will be stored for as long as necessary for the purposes described. The personal data of the person concerned will be deleted or blocked as soon as the purpose of secure storage ceases to apply. Furthermore, data may be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the person responsible is subject. The data will also be blocked or deleted if a secure storage period prescribed by the aforementioned standards expires, unless there is a need for further secure storage of the data for the conclusion or fulfilment of a contract.
5.5 Contradiction and elimination possibility
You may revoke your consent to sending the newsletter or information at any time, either via the unsubscribe link in the individual submissions, or informally at email@example.com.
6 Cookies, Plugins and Web analysis
6.1 Description and scope of data processing
What are cookies? When requesting content from our online offering, cookies are set for example to optimise communication times or for the anonymous, statistical evaluation of the use of our website. Cookies are small text files that are stored on the user's computer when visiting a website. They can be automatically recognized and read during a current or next visit.
If you leave our site and access third pages, the landing page may also set cookies. We are not legally responsible for the cookies. For the use of these cookies by third parties and the information stored therein, please compare the local privacy statements and the following statements.
What data is processed? Cookies, analysis tools and plug-ins are used, among other things. the name of the Internet service provider, requested files, IP address, access to individual pages, browser type, screen resolution, color depth, operating system, search terms and reference pages from which you have accessed our web pages.
In the following, we also describe in detail which cookies, analysis tools and plug-ins we use, which data is processed and how you can deactivate the analysis tools. Google (Universal) Analytics
The website uses Google Analytics, a web analytics service provided by Google Inc. (hereafter "Google"). In this context, pseudonymised usage profiles are created and cookies are used. The information generated by cookies about your use of this website such as:
• Browser type / version,
• Used operating system,
• Referrer URL (the previously visited page),
• Host name of the accessing computer (IP address),
• Time of server request,
are transmitted to a Google server in the US and stored there. The information is used to evaluate the use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage for the purposes of market research and customisation of these websites. This information may also be transferred to third parties if required by law or if third parties process this data in the order. By activating the IP anonymisation on this website, the IP address will be shortened before transmission within the EU or the EEA (IP masking). Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there. The anonymised IP address provided by Google Analytics within the framework of Google Analytics will generally not be merged with other data provided by Google.
You can prevent the installation of cookies by setting the browser software accordingly (see below). We point out, however, that in this case not all features of this website may be fully exploited. In addition, you can prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout).
Google is headquartered in the US and is certified under the EU-US Privacy Shield. A current certificate can be viewed here.Under the agreement between the US and the European Commission, the latter has established an appropriate level of data protection for companies certified under the Privacy Shield. For more information about privacy related to Google Analytics, see the Google Analytics Help Centre (https://support.google.com/analytics/answer/6004245?hl=en).
6.2 Purpose of data processing
We process and use the resulting data to improve the marketing of our websites, to increase the user-friendliness of the websites and for other optimisation purposes. The analysis required for marketing and optimisation purposes usually does not allow us to identify your personal or personal information. In particular, no names, addresses, telephone numbers or other data are stored that can be directly attributed to individuals. The analysis provides only aggregated data, such as the number of visitors and the page views. We point out, however, that according to widespread opinion, dynamic IP addresses and the associated usage data are classified as personal data.
Among other things, cookies allow us to tailor our website to your wishes, to establish connections between different visits to our website, or to store your password in the browser so that you do not have to re-enter it every time.
6.3 Legal basis of data processing
The illustrated cookies, plugins and tracking measures are based on Art. 6 para. 1 p. 1 lit. f GDPR. The data processed thereby for the named purposes serves the preservation in the context of a weighing of interests over predominant legitimate interests of our enterprise and third, in particular on a promotional approach of our customers, and are therefore necessary according to the proportionality principle
6.4 Duration of storage
The personal data of the person concerned will be deleted or blocked as soon as the purpose of secure storage ceases to apply. Furthermore, data may be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the person responsible is subject. The data will also be blocked or deleted if a secure storage period prescribed by the aforementioned standards expires, unless there is a need for further secure storage of the data for the conclusion or fulfilment of a contract.
6.5 Contradiction and elimination possibility
7 Rights of the data subject
As a data subject, you have the following different rights:
7.1 Right of inquiry
You have the right to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information on the purposes of processing, the category of personal data, the categories of recipients against whom your data has been or will be disclosed, the planned storage period, the right to rectification, deletion, limitation of processing or opposition, the existence of a right to complain, the origin of their data, if they were not collected from us, as well as require the existence of automated decision-making including profiling and, where appropriate, meaningful information about their details.
7.2 Right of correction
In accordance with Art. 16 GDPR, you have the right to demand the correction of incorrect or incomplete personal data stored by us.
7.3 Right of deletion
You have the right, in accordance with Art. 17 GDPR, to request the deletion of your personal data stored by us, unless the processing for the exercise of the right to freedom of expression and information, for the fulfillment of a legal obligation, for reasons of the public interest or for assertion, Exercise or defense of legal rights is required.
7.4 Right of restriction of processing
You have the right, according to Art. 18 GDPR, to restrict the processing of your personal data, if the accuracy of the data is disputed by you, the processing is unlawful, but you reject its deletion, we no longer need the data, but you they are required to assert, exercise or defend legal claims or you have objected to the processing pursuant to Art. 21 GDPR.
7.5 Right of data portability
You have the right, in accordance with Art. 20 GDPR, to receive your personal data provided to you in a structured, standard and machine-readable format or to request the transfer to another person in charge.
7.6 Right to revoke the data protection consent declaration
In accordance with Art. 7 (3) GDPR, you have the right to revoke your data protection consent declaration at any time. As a result, we may no longer continue the data processing based on this consent. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.
If you want to make use of your right of revocation, it is sufficient to provide a corresponding notification via all known means of communication, in particular also by e-mail at firstname.lastname@example.org.
7.7 Right to complain to a supervisory authority
You have the right to complain to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or work or our company headquarters.
7.8 Right to contradict
If your personal data is processed based on legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to file an objection against the processing of your personal data in accordance with Art. 21 GDPR, provided that there are reasons for this arising from your particular situation or that you have an opposition directed against direct mail. In the latter case, you have a general right of objection, which is implemented by us without specifying any particular situation.
If you would like to make use of your right to object, a corresponding notification via all known communication channels, in particular also by e-mail, is sufficient email@example.com.
After exercising your right to object, we will not further process your personal data for these purposes, unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or if the processing of the assertion, exercise or defense of Legal claims serves. This does not apply if the processing is for direct marketing purposes. Then we will not process your personal data for this purpose.
7.9 Automated decision on an individual basis including profiling
You have the right not to be subjected to a decision based solely on automated processing - including profiling - that will have legal effect or affect you in a similar manner. This does not apply if the decision
(1) Is required for the conclusion or performance of a contract between you and the controller,
(2) Is permitted by Union or Member State legislation to which the controller is subject, and where such legislation contains appropriate measures to safeguard your rights and freedoms and legitimate interests, or
(3) With your express consent.
However, these decisions must not be based on special categories of personal data under Art. 9 (1) GDPR, unless Art. 9 (2) lit. a or g GDPR applies and reasonable measures have been taken to protect the rights and freedoms as well as your legitimate interests.
With regard to the cases referred to in (1) and (3), the controller shall take appropriate measures to safeguard your rights and freedoms and legitimate interests, including at least the right to obtain the intervention of a person by the controller, to express his / her own position and contesting the decision is one.
8 Data security
When visiting our websites, we use the widely used SSL (Secure Socket Layer) method in combination with the highest encryption level supported by your browser. Whether an individual page of our website is transmitted in encrypted form can be recognised by the fact that the address line of the browser changes from "http: //" to "https: //" and to the closed representation of the key or lock symbol in the browser line.
We also take appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
The security measures described are based on Art. 6 para. 1 sentence 1 lit. f, Art. 32 GDPR. The data processed thereby is used for security purposes to safeguard our legitimate interests and the interests of third parties pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR required.
10 Updating and changing this Privacy Notice
This data protection information is currently valid and is valid as of May 2018.
Due to the further development of our processes and procedures or due to changed legal or official requirements, it may become necessary to change these data protection notices.