We appreciate your interest in our company and our services. Data protection is of particular importance for HRK Family Office GmbH. The following information provides you with an overview of the processing of your personal data by us and your rights under the EU General Data Protection Regulation (GDPR).
HRK Family Office GmbH
Telephone: +49 (0) 89 216686-0
Fax: +49 (0) 89 216686-66
You can reach our contact person for data protection under:
HRK Family Office GmbH
Telephone: +49 (0) 89 216686-0
As a part of our business relationship with you, HRK Family Office must process your personal data. This means that we can collect, store, use, transmit or delete data. The legal basis for data processing may be the performance of the contract (Article 6 (1) (b) GDPR) or a declaration of consent (Article 6 (1) (a) GDPR) or a legal obligation (Article 6 (1) c GDPR) or for the protection of legitimate interests (Article 6 (1) (f) GDPR).
1. Processing of personal data (data source and categories):
2. The processing of personal data is legally based on Art. 6 para. 1 lit. b GDPR, in order to provide intermediary services for the execution of our contracts with you, or to carry out pre-contractual measures at your request. The purposes of the data processing are based on the specific product and may include, but is not limited to, analysis of needs, consulting, brokering, asset management and support, and transaction execution. Further details on the purpose of data processing can be found in the respective contract documents and terms and conditions.
3. In the course of our business relationship, you must provide the personal data necessary for entering into a business relationship, the associated contractual obligations, or for data collection of which we are required by law. Without this data, we will generally have to refuse closure of the contract, execution of the order or could be hindered to complete or terminate an existing contract. It is required of us by the anti-money laundering regulations that we identify you prior to the establishment of the business relationship, by means of your identity card, recording your name, place of birth, date of birth, nationality as well as your home address and identity card details for example. In order for us to be able to fulfill this legal obligation, you must provide us with the necessary information and documents pursuant to the Section 11 (6) Money Laundering Act and immediately notify us of any changes resulting from the business relationship. If you do not provide us with the necessary information and documents, we may not take up or continue the desired business relationship.
4. As far as services for children are requested by customers, we also collect personal data from children. In doing so, we ensure the parents’ consent to the processing of personal data or, in certain cases, also the consent of the child.
5. To ensure a smooth business relationship, we collect personal information from our suppliers and business partners when working with them. We collect data from our person of contact within the organization, such as name, telephone number and e-mail address. Furthermore, we collect bank data in order to make payments to our suppliers and business partners.
6. We may also obtain personal information from people who do not stand in direct relation to us but who, for example, belong to the following groups:
- legal representatives or authorized representatives,
- beneficial owners of our customers,
- representatives of legal persons,
- Employees of service providers or business partners.
7. Insofar as you have consented to the processing of personal data for specific purposes, the legality of this processing is based on this consent (Article 6 (1) (a) GDPR). Data processing for the purpose of contacting us takes place on the basis of your voluntarily consent, for example, if you use the contact form on our website www.hrkfo.de or give us a business card. By subscribing to the newsletter on our website, you also consent to the processing of your personal data for the purpose of sending out the newsletter. A given consent can be revoked at any time. This also applies to the revocation of declarations of consent that were given to us before the validity of the EU General Data Protection Regulation, ie. before 25 May 2018. Please note that the revocation only works for the future. Processing that occurred before the revocation is not affected. If we wish to use your personal data for purposes other than those mentioned above, we will inform you accordingly and, if necessary, obtain your consent.
8. Within our organization, the entities responsible for our contractual and legal obligations will be given access to your data. Our service providers and vicarious agents may also receive data for these purposes if they comply with our written data protection rules. We may only disclose information about you if statutory provisions require it, if you have given your consent or if you have the same rights as instructed by us to guarantee compliance with the provisions of the EU General Data Protection Regulation / Federal Data Protection Act. Under these conditions, recipients of personal data can be:
- Public bodies and institutions (eg tax authorities, Federal Central Tax Office) in the case of a legal or regulatory obligation.
- credit and financial service institutions or similar institutions and processors, to whom we transfer personal data in order to conduct the business relationship with you. These companies are also legally or contractually obliged to treat personal data with the necessary care. In particular, we work with IT service providers, financial service providers and commercial banks.
- Members of certain regulated professions such as lawyers, notaries or accountants.
9. We use your personal data to comply with various legal and regulatory obligations (Article 6 (1) (c) GDPR), including: banking and financial provisions, for which we take security measures to prevent abuse and fraud, to detect transactions that deviate from usual patterns, and to monitor and report any risks we may be exposed to. Furthermore, data processing is carried out to prevent money laundering and terrorist financing; to respond to an official request from a competent public authority or judicial authority; to comply with sanctions and embargo regulations; to combat tax evasion and fulfill tax and reporting obligations.
10. In addition to the actual performance of the contract, we process your data for the protection of our legitimate interests or those of third parties if necessary, (Article 6 paragraph 1 lit. f GDPR). This can include the following activities:
11. If international transfers of data are made to countries outside the European Economic Area (EEA) and a non-EEA country, the transfer of your personal data may take place on the basis that it complies with the European Commission and an adequate level of data protection is guaranteed. For transfers to non-EEA countries where the level of data protection has not been recognized by the European Commission, we may consider an appropriate exemption (for example, if the data transfer is required to comply with our contract with you) or use standard contract clauses approved by the European Commission to ensure the protection of your personal data. If you require a printed version of these terms or information, you may inform us of this in writing.
12. We store your data for the duration of our contractual relationship. Thereafter, your data will be restricted for further use and will only be available for the purposes foreseen in Art. 17 (3) and 18 GDPR. These purposes include, in particular, observing statutory retention periods as well as the assertion, exercise and defense of legal claims, to prove adequacy of our consulting for example. The statutory limitation periods can be up to 30 years (the regular limitation period is 3 years) and the statutory retention period can be up to 10 years. Proof of advice is stored as long as claims can be asserted. Once your data is no longer among the o.g. purposes and all retention periods have expired it will be permanently erased.
13. Rights of the affected :
14. In principle, we do not make use of fully automated decision-making procedures (including profiling) to establish and conduct the business relationship, in accordance with Article 22 of the GDPR. If we use these procedures in individual cases, we will inform you about this separately, if required by law.
15. We take reasonable and appropriate measures to protect the information we store and process from misuse, loss or unauthorized access. To do this, we have taken a number of technical and organizational measures that will be updated on an ongoing basis. If you suspect that your personal information has been misused, lost or unauthorized, please let us know as soon as possible.
16. To protect the security of your data in transmission, we use standard encryption techniques (e.g., SSL) over HTTPS.
17. Our website www.hrkfo.de automatically sends information to our server through the browser on your device. This information is temporarily stored in a so-called log file. The following information is collected and stored until automated erasure: name and URL of the retrieved file, IP address of the requesting computer (or terminal), date and time of access, website from which the access takes place, status code, transmitted Bytes and user agent.
18. We use so-called cookies for visiting the website www.hrkfo.de. Cookies are small texts that can be stored by providers of websites on your computer or mobile device. The purpose of a cookie is to make it easier for you to visit our websites: A cookie enables us to make our services available to you individually. The cookies used are not intended to collect personally identifiable information from you. Cookies do not damage your devices, do not contain viruses, Trojans or other malicious software. We use so-called "session cookies" to recognize that you have already visited individual pages on our website. These are automatically deleted after leaving our page or expire after a certain period. In addition, we also use temporary cookies that are stored on your computer or device for a specific period of time to improve usability. In the event that you revisit our website to use our services, it automatically recognizes this and remembers input and settings you made, so you do not have to re-enter them. These cookies automatically expire after a defined period of time.
- Youtube: https://www.google.com/intl/en/policies/privacy/
- Facebook: https://de-de.facebook.com/policy.php
1. Case-specific right of objection
You have the right at any time, for reasons applying to your particular situation, to prevent the processing of your personal data on the basis of Article 6 (1) lit. e GDPR (Data Processing in the Public Interest) and Article 6 (1) lit. f GDPR (data processing on the basis of a balance of interests), objecting; this also applies to a profile based on this provision within the meaning of Article 4 (4) GDPR. If you object, we will no longer process your personal information unless we can establish legitimate grounds that outweigh your interests, rights and freedoms, or for the purpose of asserting, exercising or defending legal claims.
2. Right to object to the processing of data for advertising purposes
In individual cases, we process your personal data for targeted marketing. You have the right to object at any time to the processing of your personal data for the purposes of such advertising; this also applies to your profile, insofar as it is associated with targeted marketing. If you object to the processing of your data for targeted marketing purposes, we will no longer process your personal data for these purposes.
Objections can be made via phone to:
+49 (0) 89 216686-0 or alternatively by sending an e-mail to firstname.lastname@example.org.
HRK Family Office GmbH