Legal

Privacy Policy

This Privacy Policy explains how Braun Management collects, uses, stores, and protects personal data obtained through this website and through business inquiries submitted to the firm, in accordance with the General Data Protection Regulation (GDPR) and applicable German data protection law.

Effective date: 1 January 2024

1. Data controller

The data controller responsible for the processing of personal data on this website is:

Braun Management
Leipziger Platz 15
10117 Berlin, Germany
Email: hallo@management-braun.com
Phone: +49 151 5222 1722

2. Types of data collected

We may collect the following categories of personal data:

• Contact information: Name, email address, phone number, company name, and job title when you submit an inquiry through our contact form or communicate with us directly.
• Communication content: The content of messages you send to us, including descriptions of your business situation or consulting needs.
• Technical data: IP address, browser type and version, operating system, referring URLs, pages visited, and timestamps when you access our website.
• Cookie data: Information collected through cookies and similar tracking technologies as described in our Cookie Policy.

3. Legal basis for processing

We process personal data on the following legal bases under Article 6 GDPR:

• Consent (Art. 6(1)(a) GDPR): Where you have given explicit consent to the processing of your personal data for specific purposes, such as receiving communications from us or accepting non-essential cookies.
• Contract performance (Art. 6(1)(b) GDPR): Where processing is necessary for the performance of a contract with you or to take steps at your request prior to entering into a contract.
• Legitimate interests (Art. 6(1)(f) GDPR): Where processing is necessary for the purposes of legitimate interests pursued by us, such as responding to inquiries, ensuring website security, and improving our services, provided that such interests are not overridden by your rights and freedoms.
• Legal obligation (Art. 6(1)(c) GDPR): Where processing is necessary for compliance with a legal obligation to which we are subject.

4. Purposes of processing

We process personal data for the following purposes:

• Responding to inquiries and providing information about our services
• Entering into and performing consulting agreements
• Managing business relationships and client communications
• Ensuring the security and proper functioning of our website
• Analyzing website usage to improve our online presence
• Complying with legal and regulatory requirements
• Protecting our legitimate business interests

5. Data retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. Specific retention periods include:

• Contact form submissions: 3 years after the last communication, unless a business relationship is established
• Client engagement records: 10 years after the conclusion of the engagement (as required by German commercial and tax law)
• Server logs: 90 days
• Analytics data: 26 months in anonymized form

6. Data sharing and transfers

We do not sell personal data to third parties. We may share personal data with:

• Service providers: Third parties who provide services on our behalf, such as website hosting, email services, and IT support. These providers are contractually bound to process data only on our instructions and in accordance with applicable data protection law.
• Professional advisors: Lawyers, accountants, and other professional advisors where necessary for the conduct of our business.
• Legal authorities: Government agencies, courts, or regulatory bodies where required by law or to protect our legal rights.

Our website is hosted by Vercel Inc. (USA). Where personal data is transferred to the United States, such transfers are made pursuant to appropriate safeguards, including Standard Contractual Clauses approved by the European Commission.

7. Your rights

Under the GDPR, you have the following rights regarding your personal data:

• Right of access (Art. 15 GDPR): You may request confirmation of whether we process your personal data and, if so, access to that data and related information.
• Right to rectification (Art. 16 GDPR): You may request correction of inaccurate personal data or completion of incomplete data.
• Right to erasure (Art. 17 GDPR): You may request deletion of your personal data in certain circumstances, such as when the data is no longer necessary for its original purpose.
• Right to restriction (Art. 18 GDPR): You may request restriction of processing in certain circumstances, such as when you contest the accuracy of the data.
• Right to data portability (Art. 20 GDPR): You may request to receive your personal data in a structured, commonly used, machine-readable format.
• Right to object (Art. 21 GDPR): You may object to processing based on legitimate interests or for direct marketing purposes.
• Right to withdraw consent (Art. 7(3) GDPR): Where processing is based on consent, you may withdraw that consent at any time without affecting the lawfulness of processing before withdrawal.

To exercise these rights, please contact us using the details provided below. We will respond to your request within one month, as required by law.

8. Right to lodge a complaint

If you believe that our processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority. The competent supervisory authority for Braun Management is:

Berliner Beauftragte für Datenschutz und Informationsfreiheit
Alt-Moabit 59-61
10555 Berlin, Germany
Website: datenschutz-berlin.de

9. Website security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. Our website uses SSL/TLS encryption for data transmission. However, no method of transmission over the internet is completely secure, and we cannot guarantee absolute security.

10. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The effective date at the top of this page indicates when this policy was last updated. We encourage you to review this page periodically.