Corporate Crime & Compliance

Privacy Policy

Information on the collection and processing of personal data in accordance with the General Data Protection Regulation (GDPR).

1. Information on the Collection of Personal Data and Contact Details of the Controller

1.1 Controller

This privacy policy applies to data processing by:
Shahin Bahengam
Corporate Crime & Compliance
Email: [email protected]

1.2 Data Security

This site uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as requests you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

2. Data Collection When Visiting Our Website (Server Log Files)

When using our website for information purposes only, i.e., if you do not register or otherwise provide us with information, we only collect data that your browser transmits to our server (so-called "server log files"). When you visit our website, we collect the following data, which is technically necessary for us to display the website to you:

  • Our visited website
  • Date and time at the time of access
  • Amount of data sent in bytes
  • Source/reference from which you reached the page
  • Browser used
  • Operating system used
  • IP address used (if applicable: in anonymized form)

Processing is carried out in accordance with Art. 6 (1) lit. f GDPR based on our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to check the server log files retrospectively if there are concrete indications of illegal use.

3. Contact (Email or Contact Form)

When you contact us (e.g., via contact form or email), personal data is collected. Which data is collected in the case of a contact form can be seen from the respective contact form. This data is stored and used exclusively for the purpose of responding to your request or for contacting you and the associated technical administration.

The legal basis for processing the data is our legitimate interest in responding to your request in accordance with Art. 6 (1) lit. f GDPR. If your contact is aimed at concluding a contract (e.g., mandate or cooperation), the additional legal basis for processing is Art. 6 (1) lit. b GDPR.

Your data will be deleted after your request has been fully processed; this is the case when it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.

4. Use of Google Services

4.1 Google Analytics (with Anonymization)

We use Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. We use Google Analytics with the IP anonymization function. The legal basis for this service is your express consent pursuant to Art. 6 (1) lit. a GDPR, which is obtained via our consent banner. You can revoke this consent at any time for the future.

4.2 Google Maps

We embed the maps of the "Google Maps" service provided by Google Ireland Limited. The legal basis is our legitimate interest in easy findability of the locations we specify on the Internet pursuant to Art. 6 (1) lit. f GDPR. The processed data may include, in particular, IP addresses and location data of users, which, however, are not collected without their consent (usually in the settings of their mobile devices).

4.3 Google Fonts (Local)

We use Google Fonts for the visually improved display of various fonts on this website. These fonts are hosted locally on our own server. Therefore, no connection to Google servers is made when the page is accessed.

5. Disclosure of Data to Third Parties

Your personal data will only be transferred to third parties if:

  • You have given your express consent to this (Art. 6 (1) sentence 1 lit. a GDPR),
  • The disclosure is necessary for the assertion, exercise, or defense of legal claims (Art. 6 (1) sentence 1 lit. f GDPR),
  • There is a legal obligation for the disclosure (Art. 6 (1) sentence 1 lit. c GDPR),
  • This is necessary for the processing of pre-contractual or contractual measures with you (Art. 6 (1) sentence 1 lit. b GDPR).

6. Data Subject Rights

The applicable data protection law grants you comprehensive data subject rights vis-à-vis the controller regarding the processing of your personal data:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to withdraw consent given (Art. 7 (3) GDPR)
  • Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

7. Right to Object

IF WE PROCESS YOUR PERSONAL DATA ON THE BASIS OF OUR OVERRIDING LEGITIMATE INTEREST IN THE CONTEXT OF A BALANCING OF INTERESTS, YOU HAVE THE RIGHT TO OBJECT TO THIS PROCESSING AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION WITH EFFECT FOR THE FUTURE.

If you wish to exercise your right to object, simply send an email to: [email protected]