About us
04
References
03
We support companies through key business processes. For us, these are not abstract buzzwords, but concrete opportunities to actively shape the future of business and create sustainable value.
Services
02
"It is not that we have too little time, but rather that we do not use the time we have!"
Lucius A. Seneca
Recognising added value and implementing it effectively.
Your personal data is handled in accordance with the provisions of the EU General Data Protection Regulation (“GDPR”) and the German Federal Data Protection Act (BDSG) as well as other legal requirements as the basis for a trusting business relationship with our partners, clients, customers, and suppliers. We maintain the confidentiality of your personal data and ensure its protection through technical and organizational security measures that comply with current security standards. The privacy policy applies to the website www.finnoval.de and all its subdomains.
You can change your privacy preferences at any time at settings .
Name and contact details of the controller:
FINNOVAL GmbH
Königstraße 7
01097 Dresden
Telefon: 0351 21244710
Mail: kontakt@finnoval.de
(hereinafter referred to as “Company” or “we”)
We are currently not required to appoint a data protection officer. If you have any questions about your data, you can contact us at kontakt@finnoval.de
„Personal data“ is any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”); A natural person is considered identifiable if they can be identified, directly or indirectly, in particular by association with an identifier such as a name, an identification number, location data, an online identifier (e.g., cookie), or one or more special characteristics that express the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
„Processing“ is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, distribution, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
The "controller“ is the natural or legal person, public authority, agency, or other body that, alone or jointly with others, determines the purposes and means of the processing of personal data.
„Special categories of personal data“ is data that reveals your racial and ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, or sex life, as well as genetic data and biometric data that uniquely identifies a natural person.
We process the following personal data:
We only process your personal data if there is a legal basis under the GDPR or if you have given your consent:
We will only disclose your personal data to third parties if:
We process your personal data only for specific purposes and only the personal data relevant to achieving this purpose (principle of data minimization). We process personal data in particular for the following purposes:
If we intend to further process your personal data for a purpose other than that for which the personal data was collected, we will provide you with information about this other purpose and all other relevant information in accordance with this privacy policy prior to such further processing.
We ensure that all your personal data is deleted in accordance with the principle of data minimization and Art. 17 GDPR.
In accordance with Art. 17 GDPR, we only store your personal data for as long as is necessary for the respective purposes for which we process your personal data. If we process personal data for multiple purposes, it will be automatically deleted or blocked as soon as the last specific purpose has been fulfilled, provided that there are no legal, statutory, or contractual retention periods that prevent deletion.
The commercial and tax law retention periods for storage and documentation are up to ten years. In addition, the storage period is also based on the statutory limitation periods pursuant to Sections 195 et seq. of the German Civil Code (BGB), which are up to 30 years, with the regular limitation period being three years if the data is required for the assertion, exercise, or defense of (civil) legal claims.
Under certain circumstances, your data may also need to be retained for longer periods due to official or court orders.
Storage may also take place if this has been provided for by European or national legislators in EU regulations, laws, or other provisions to which the company is subject.
We process your personal data in accordance with the security requirements set out in Art. 32 GDPR. To this end, we have implemented appropriate technical and organizational measures that comply with recognized IT standards and are continuously reviewed. This ensures that your data is adequately protected against misuse or any other unauthorized data processing at all times.
Personal data that you transmit to us via our website is encrypted during transmission; we use Secure Socket Layers (SSL) encryption technology for this purpose.
This includes companies and institutions in the following categories:
We use processors in the following categories:
Data categories: When you visit our website, data is automatically stored in the server statistics (so-called server log files), which your browser automatically transmits to us. This information is temporarily stored in a log file. The following information is collected without your intervention and stored until it is automatically deleted:
For data protection reasons, the IP address is anonymized in the log files containing this data.
Purpose of processing: We process the aforementioned data for the following purposes:
Legal basis for data processing: Art. 6 para. 1 sentence 1 lit. f) GDPR. Our legitimate interest follows from the purposes listed above for data collection.
Deletion of your data: For security reasons (e.g., to investigate misuse), the log file information is stored anonymously by the provider for a short period of time and deleted when it is no longer required.
Data categories: When you register for an event via our website, subscribe to our newsletter, or use our web contact form, you will be asked to provide us with some of your personal data.
In addition to the data collected when the website is accessed (see above), the following data is processed:
Purpose of processing: The processing of the personal data you provide is necessary to handle your request and to communicate with you, as well as to operate our business.
Legal basis your consent pursuant to Art. 6 (1) sentence 1 lit. a) GDPR is required for data processing.
Deletion periods:
You can unsubscribe from the newsletter at any time using the links provided in our communications. The data you have provided will then be deleted.
Cookies are small text files that your browser automatically creates and that are stored on your device (PC, laptop, tablet, smartphone, etc.) when you visit our website. First-party cookies are cookies that are set directly by our website.
Data categories: Our website uses so-called session cookies.
The use of session cookies, i.e., cookies that are technically necessary for our Internet services (functional cookies), serves to make the use of our website more pleasant for you. Session cookies store data about your visit to the website and thus increase its user-friendliness: When you visit our site again, your entries and settings from your first visit are automatically applied so that you do not have to enter them again.
Language settings are stored and transmitted in the cookies.
Purpose of processing: The purpose of using technically necessary cookies is to simplify the use of websites for users.
Legal basis for data processing: The data processed by session cookies is necessary for the purposes mentioned above in order to safeguard our legitimate interests pursuant to Art. 6 (1) sentence 1 lit. f) GDPR, namely to provide our services in a form that enables user-friendly use of the online offering. Log files are stored for the integrity and security of the website.
Duration of storage: Session cookies are temporary cookies and are automatically deleted when you close your browser.
Right to object and opt out:
Most browsers automatically accept cookies. You can object to the use of cookies at any time with future effect by changing the settings in your browser so that it does not accept any or only certain cookies, or so that you are notified as soon as cookies are sent. Cookies that have already been saved can be deleted at any time. This can also be done automatically. Each browser differs in the way it manages cookie settings. This is described in the help menu of each browser, which explains how you can change your cookie settings.
If cookies are disabled for our website, it may no longer be possible to use all of the website's functions to their full extent.
If you use our website with multiple devices, you must object to its use on each device.
For the purposes of customer-oriented advertising, we create pseudonymized user profiles using Google Analytics, a web analytics service provided by Google USA. Google Analytics and Google Analytics 360 are operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter referred to as “Google USA”). First-party cookies are used to perform this service.
Data categories: Google Analytics collects the following categories of data:
The information generated by cookies about your use of this website may be transmitted to Google servers in the USA, or Google may access data from the USA. We have activated IP anonymization on this website (“anonymizeIP”) so that your IP address is truncated by Google within member states of the European Union or in other states party to the Agreement on the European Economic Area. In exceptional cases, the full IP address is transmitted to a Google server and truncated there.
Google USA has committed to complying with the Privacy Shield Agreement between the EU and the USA published by the US Department of Commerce regarding the collection, use, and storage of personal data from EU member states. Google Analytics and Google Analytics 360 are ISO 27001 certified. When visiting our website, users are informed about the use of Google Analytics and their consent is obtained for the processing of personal data used in this context. In this context, reference is also made to this privacy policy.
We have concluded a contract with Google USA regarding order processing, which obliges Google to handle your data in accordance with data protection regulations.
The analytics data collected as described above is gathered on the pages of our website but is not linked to any personal information, meaning that this information cannot be used to identify you personally. The IP address transmitted by your browser as part of Google Analytics is not merged with other Google data. User behavior is only evaluated after anonymization as described above.
Purpose of processing: Optimization of our respective websites through personalization/customization of the offering as well as recognition and feature assignment of users in the case of advertising-financed offerings.
Legal basis for data processing: The legal basis is based on your consent pursuant to Art. 6 (1) sentence 1 lit. a) GDPR, which we obtain from you via opt-in before you use the website.
Google Analytics stores cookies in your web browser for a period of two years from your last visit. These cookies contain a randomly generated user ID that can be used to recognize you on future visits to the website.
The recorded data is stored together with the randomly generated user ID, which enables the evaluation of pseudonymous user profiles. This user-related data is automatically deleted after XXX months. Other data remains stored in aggregated form for an indefinite period.
Further information about Google's privacy policy with regard to its analytics service can be found at here.
The exceptions under Section 34 of the Federal Data Protection Act (BDSG) apply here.
The exceptions of Art. 17 (3) GDPR and the additions pursuant to § 35 BDSG apply here.
Profiling is subject to the exception in Section 37 of the Federal Data Protection Act (BDSG).
If you wish to exercise your right of withdrawal or objection, simply send an email to kontakt@finnoval.de.
We generally respond to requests within one month of receipt. However, this period may be extended due to specific data subject rights or the complexity of your request. In this case, we will inform you of the reasons within the one-month period.