For many years we have been providing reliable and competent support and advice to companies and organizations of all kinds in the field of data protection, including the interfaces into information and cyber security.
After being founded in 2019 with an exclusive focus on Germany and small companies, we began expanding our model internationally in July 2024. We are staying on our "playing field" with small companies, but are now increasing scalability in the event of our customers' expanding.
We are just starting out and want to follow and expand this path step by step. From my professional experience as a consultant in the IT and telecommunications sector, I know that growing too quickly also entails risks - not only, but especially in the consulting business. This website therefore focuses on what we consider to be the essential statements, and we leave out all the other "bells and whistles" of today. I would be very pleased if I could arouse your interest despite this slim appearance and remain with kind regards, yours
Robert Jeffares
Get in touch with us
Started in 2019 as a small offshoot of Data Business Services GmbH & CO KG, the focus was placed exclusively on Germany and small companies. These companies must meet the same legal requirements of the EU GDPR as medium and large companies. In contrast to these, however, they usually do not have the resources and budget for their own structures. This also means that they can and do not want to invest much time and money in meetings and/or paper for cross-sectional tasks such as data protection. From a risk perspective, "you" simply live with it. And from a business perspective, this often makes sense, too.
The pDatix approach takes exactly this view and offers a very simple model.
A low monthly flat rate and hours only based on effort. This focus and the associated cost structure make it possible to guarantee high availability and rapid processing of the topics. In contrast to many competitors, we can reduce the number of hours and thus variable costs to only those areas that correspond to the customer's risk profile.
November 11, 2024
With this information, the responsible body named under point 1 ("We") informs the user of the website ("you" or "user") in accordance with Art. 13 and 14 of the General Data Protection Regulation (GDPR) about the collection and processing of personal data. At the same time, we inform you when we store information in the end device that you use when you visit our websites or when we access information that is already stored in your end device.
The data protection information there applies to the use of websites of other providers, which are referred to via links, for example.
A General information
1 Responsible person and data protection officer
1.1 The responsible data processor for this website is: pDatix GmbH, Sauerbruchstrasse 8, contact [ a t ] pdatix.eu … [Design note: Name, postal address, email address of the responsible person, see Art. 13 Para. 1 a and Art. 14 GDPR.]
1.2 We do not appoint a data protection officer.
1.3 Our website is hosted by ALL-INKL.COM (www.all-inkl.com), i.e. it is technically provided on the web servers of this web host. The web host is a processor engaged by us in accordance with Art. 28 GDPR.
2 Rights of the data subject
If we collect personal data from you, you have the following rights as the “data subject”:
2.1 Right to information
You can request information in accordance with Art. 15 GDPR about your personal data that we process.
2.2 Right to object
You have a right to object for the special reasons set out in Art. 21 Para. 1 GDPR. We will inform you about this separately from this information under “B”.
2.3 Right to rectification
If the information concerning you is no longer correct, you can request rectification in accordance with Art. 16 GDPR. If your data is incomplete, you can request that it be completed.
2.4 Right to erasure
You can request the erasure of your personal data under the conditions set out in Art. 17 GDPR. 2.5 Right to restriction of processing
In the cases of Art. 18 GDPR, you have the right to request a restriction of the processing of your personal data ("blocking").
2.6 Right to complain
If you believe that the processing of your personal data violates data protection law, you have the right to complain to a data protection supervisory authority of your choice under Art. 77 Para. 1 GDPR.
2.7 Right to data portability
In the event that you have provided us with personal data in accordance with Art. 20 Para. 1 GDPR, you have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to third parties in a structured, common and machine-readable format. The collection of data to provide the website and the storage of log files (section 3.1 below) are essential for the operation of the website. They are therefore not based on consent in accordance with Art. 6 (1) (a) GDPR or on a contract in accordance with Art. 6 (1) (b) GDPR, but are justified in accordance with Art. 6 (1) (f) GDPR. The requirements of Art. 20 (1) GDPR are therefore not met in this respect.
3 Procedure: Provision of the website and creation of log files
3.1 Which data is processed for which purpose?
Every time the website content is accessed, the web server of our web host, where our website is stored, temporarily collects and stores information (data) from the Internet browser of the user's computer or device. This data may enable the user to be identified and is therefore personal data.
3.1.1 The following data is collected and stored by our web host:
3.1.2 The temporary storage of this user data is necessary for the course of a website visit in order to enable the website to be delivered. For this purpose, the user’s IP address must necessarily be stored for the duration of the session (i.e. the web page visit).
3.1.3 Any further storage of the IP address with the data listed below from the above list beyond this purpose takes place in log files (logs). This is done so that our web host can ensure the functionality of the website and the security of the information technology systems.
3.2 On what legal basis is this data processed? The data from section 3.1 is collected and processed by our web host for the aforementioned temporary storage purpose and also for the further storage purpose in accordance with Art. 6 Paragraph 1 Letter f GDPR. This purpose also represents the legitimate interest in data processing. This legitimate interest is the interest of our web host, but also our legitimate interest in a functional website.
3.3 Are there other recipients of the aforementioned data in addition to the person responsible? As our processor, our web host has technical access to the data mentioned in 3.1.
3.4 How long is the data stored? The data from 3.1.1 are deleted as soon as they are no longer required to achieve the purpose for which they were collected. When the website is made available, this is the case when the respective session has ended. The log files are kept for a maximum of 7 days, unless a security event requires longer storage.
3.5 Is there an obligation to provide data? You must provide the data from 3.1 to our web host. Otherwise, you will not be able to use our website technically and our web host cannot guarantee secure technical operation.
4 Data processing procedures
4.1 Data and information processing requiring consent
If we are only allowed to collect and process personal data with your consent, we will inform you about this in our consent banner in the context of the consent dialog.
4.2 Use of email address and contact form data based on legitimate interests
4.2.1 Which data is processed for which purpose? If we provide you with an email address and a contact form with input fields, this serves the purpose of enabling you to contact us. If you send us personal data, we will store it and process it for the purposes of establishing contact.
4.2.2 On what legal basis is this data processed?
The data from section 4.2.1 is processed on the basis of Art. 6 Para. 1 Letter f GDPR (legitimate interest of us as the responsible body). If your request is aimed at concluding a contract, then Art. 6 Para. 1 Letter b GDPR is an additional legal basis (initiation, conclusion and execution of a contract).
4.2.3 Are there other recipients of the aforementioned data in addition to the person responsible?
As our processor, our web host has technical access to the data mentioned in 4.2.1.
4.2.4 How long is the data stored?
The data from 4.2.1 will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. For personal data that was sent to us by email or the contact form, this is the case when the respective correspondence with the user has ended and storage is not still required for other reasons. The conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified.
4.2.5 Is there an obligation to provide data?
You are not obliged to provide us with data from 4.2.1. You do not have to communicate with us.
4.3 Use of the session cookie "wbk_sid" based on legitimate interests
4.3.1 Which data is processed for which purpose?
As soon as you use the contact form, the session cookie "wbk_sid" is stored on your device by default. This cookie contains a long combination of numbers and letters ("ID"). The purpose of the cookie is to recognize the user when they request to send login data or contact information and to distinguish them from abusive users (e.g. SPAM bots).
4.3.2 On what legal basis is this data processed?
The information in this cookie does indeed represent personal data. However, the use of the cookie "wbk_sid" does not require consent under data protection law because the data processing is necessary to protect the legitimate interests of the website operator and because the interests or fundamental rights and freedoms of the data subject, which require the protection of personal data, do not prevail. The legal basis for data processing is therefore Art. 6 Para. 1 Sentence 1 Letter f GDPR.
4.3.3 Are there other recipients of the aforementioned data in addition to the person responsible?
Our web host, as our processor, has technical access to the data mentioned in 4.3.1.
4.3.4 How long is the data stored?
If the user closes the browser, the cookie on the user's operating system is automatically deleted. It is therefore only valid for the duration of the visit to the website (session cookie).
4.3.5 Is there an obligation to provide data?
You are obliged to provide us with data from 4.3.1. Otherwise you cannot use the contact form.
4.3.6 Consent to the use of cookies?
Your consent to the storage of information about the cookie "wbk_sid" in your terminal device or our access to this information stored in your terminal device is unnecessary because storage and/or access are absolutely necessary so that you can use the login form or the contact form (Section 25 Paragraph 2 No. 2 TTDSG).
5 Processing of information from your end devices
5.1 If we want to store information in the end device that you use when visiting our websites and/or access information that is already stored in your end device, we will ask you for your consent on the basis of clear and comprehensive information. This is done via a consent banner that we use. We will obtain any necessary consent before we access it. You can revoke your consent at any time. However, your consent is not necessary for certain purposes specified in the law, so we do not ask for it in these cases. On the one hand, consent is not required if the sole purpose of storing information in the end user's end device or the sole purpose of accessing information already stored in the end user's end device is to transmit a message over a public telecommunications network. On the other hand, consent to the use of your device is not required if the storage of information in the end user's device or access to information already stored in the end user's device is absolutely necessary so that we, as a provider of a telemedia service, can provide a telemedia service expressly requested by the user.
5.2 Such access to end devices is possible using certain technologies. The best-known technology concerns cookies. Cookies are objects that can be stored in the Internet browser or by the Internet browser on the user's device. When a user visits a website, the server of the website operator or a third party can read the cookie stored there via the user's operating system and consequently the information stored there. A cookie can, but does not have to, contain a characteristic string of characters that enables the user's browser to be clearly identified when the website is accessed again.
5.3 Removal option: The user can prevent or restrict the installation of cookies by setting their browser accordingly. Cookies that have already been saved can also be deleted by the user at any time via their browser. The settings for this depend on the respective browser. If the user prevents or restricts the installation of cookies, this may mean that not all functions of the website can be used to their full extent. What applies to cookies also applies to other technologies that use the user's device.
5.4 Cookies and similar technologies that require consent: Our consent banner on the website provides information about cookies and similar technologies that require consent.
5.5 Cookies and similar technologies that do not require consent: We have internally documented that consent is not required under Section 25 (2) TTDSG for cookies and similar technologies.
6 Consent banner
6.1 In order to obtain legally required consent from you for certain services or functions or to take note of your revocation in this regard, a consent banner will be displayed to you (consent banner). Your consent or non-consent concerns our use of your device (computer, laptop, smartphone, tablet) through cookies or similar technologies, with which information can be stored on your device or read from it. Your consent may also be required for the processing of personal data by us or third parties in accordance with Art. 6 Para. 1 Sentence 1 Letter a GDPR, which is related to your use of our website is connected. In certain cases, the law allows us to use your device without your consent and/or to subsequently process your personal data without your consent.
6.2 We use the consent banner to inform you about all services or functions that require your consent before we use the service or function. The consent banner consists of an overview of all processing operations that require your consent and describes details for each so that you as a user can assess the meaning and scope of your consent. You can consent to each process using a button/click area by activating it or reject this process by deactivating it. There are three ways of making the decision:
- Choosing "Make selection and save" means that the user's decision is saved as they made it by selecting it using the buttons/click area. All services and functions that require consent and to which the user agrees are active and can be used. The services and functions that cannot be used without consent are not integrated into the website. - Choosing "Reject and save everything" means that this decision is not saved. The user's decision is therefore not to consent to anything that requires their consent, and this means that all services and functions that require consent will not work for this user. The banner is hidden.
- Choosing "Accept and save everything" means that all services and functions that require consent are "active". This means that you have given consent in accordance with the GDPR and also agree to the use of the device. The banner is then hidden.
During the course of further use of the websites, the user can actively cause the consent banner to appear by revoking consent that has been given or by obtaining consent that was not initially required. To do this, they click on the "Consent settings" link. The consent banner appears again.
Your consent can therefore be revoked at any time with effect for the future. A later revocation no longer affects the legality of the access or the storage of information up to that point.
6.3 All three decisions made by the user ("Make selection and save", "Reject everything and save" or "Accept everything and save") are saved via the browser of the user's device in the so-called "local storage" on the user's device. The storage there is permanent. The information is saved in the "wbkConsent" object. This technology is not a cookie in the true sense of the word. The information in the "wbkConsent" is also not personally identifiable, i.e. the user is not recognized when he or she visits the WBK user's website again. The selection decision for consent is not saved on our server. This use of the user's device does not require consent in accordance with Section 25 Paragraph 2 No. 2 TTDSG (user request). [Design note: If you include content that requires consent in your website and do not link it to the consent banner (which we strongly advise against), then not all of the information under points 5 and 6 is correct and must be adjusted.]
7 Technical measures
7.1 SSL/TSL
For security reasons and to protect the transmission of confidential content, for example via requests that you send to us as the website operator, our websites are provided with active SSL or TLS encryption. An encrypted connection can be recognized by the fact that the address line of the browser changes from “http://” to “https://” and a lock symbol is visible in the browser line. As a result of this encryption, data that you send to us cannot be read by third parties.
7.2 End-to-end communication
If you contact us using an email address provided on our website, the transport of the content of the email to us is not end-to-end encrypted. This means that the emails are usually encrypted during transport via the email providers involved, but are unencrypted on the servers there. Contacting us via the contact form provided is therefore technically secure communication.
7.3 Video integration
If you can watch videos on our websites that are marked as external links to third-party websites, this is done exclusively via the technology of linking to the respective website referred to or to a third-party video portal. These videos are stored there under the data protection responsibility of the respective third-party provider. The website referred to or the respective video portal is therefore not directly embedded in our websites. This ensures that user information is not transmitted to the portal when the website on which the video is integrated is loaded. It is also guaranteed that cookies or similar technologies for tracking user activities of the portals or the advertising partners of these portals cannot be placed on your device via the mere link. Only after you consciously click on the video preview image is a connection established to the third-party portal and the associated data processing triggered. This and the possible data processing of your user data on the linked portal then only occurs when you wish to see the video there. The data processing triggered by this is outside of our sphere of influence and is the responsibility of these third-party providers, who provide more or less detailed information about their data processing. If you do not agree to the data processing by the third-party provider, please do not click on the video preview image. [Design note: As soon as you integrate external videos outside of the video widget described above, you must inform yourself comprehensively about the associated use of the end devices of the users of your website and the associated data processing and inform your users accordingly.]
B Special information
Special right of objection in accordance with Art. 21 Para. 1 GDPR
You have the right to object at any time to the processing of your personal data that is carried out on the basis of Article 6 Para. 1 Letter f GDPR (processing to protect the legitimate interests of us or those of a third party) in accordance with Art. 21 Para. 1 GDPR for reasons arising from your particular situation. You can send your objection to the address in section 1.1.
We will then no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which outweigh the interests, rights and freedoms of the data subject, or the processing serves us to assert, exercise or defend legal claims.
If you object, you must explain to us in detail any interests you may have (your "special situation") so that we can re-evaluate the interests. If our interests in further storage do not outweigh your interests, the personal data stored during the contact process will be deleted. If these interests still outweigh your interests, we will continue to process the data.
Imprint pDatix GmbH
Mandatory information Imprint according to § 5 TMG
pDatix GmbH
Sauerbruchstrasse 8
D-81377 Munich
Telephone: +49 89 1250 1375 – 1
E-mail: contact [ a t ] pdatix.eu
Internet: www.pdatix.eu
Authorized managing director:
Robert Jeffares
Registration court: Munich District Court
Registration number: HRB 252744
VAT identification number according to § 27 a of the Sales Tax
Law:
DE 326 948 353
Person responsible for content according to § 5 TMG: Robert Jeffares
Trademark protection:
® pDatix is registered as a trademark under the number DE 30
2019 028 443, ref.: 30 2019 028 443.3/38 registered with the
German Patent and Trademark Office.
Date of registration: July 27, 2020
Other mandatory information in the imprint:
Disclaimer:
Despite careful control of the content, we assume no liability
for the content of external links. The operators of the linked
pages are solely responsible for their content.
Disclaimer, limitation of liability, liability for
content
The content of the website was created with the greatest
possible care and to the best of our knowledge. Nevertheless,
the provider of this website assumes no liability for the
topicality, completeness and correctness of the pages and
content provided.
As a service provider, the provider of this site is responsible
for its own content and information provided on these pages in
accordance with Section 7 Para. 1 of the German Telemedia Act
(TMG); However, according to §§ 8 to 10 TMG, we are not
obligated to monitor the transmitted or stored third-party
information. This content will be removed or blocked
immediately at the time of knowledge about a specific violation
of law. Liability is only possible at the time of knowledge.
Liability for external links
The site contains so-called "external links" (links) to other
websites, on whose content the website provider has no
influence. For this reason, the provider cannot accept any
liability for this content.
The respective provider of the linked website is responsible
for the content and accuracy of the information provided. At
the time of linking, no legal violations were apparent. If such
a legal violation becomes known, the link will be removed
immediately.
Copyright
The content and works on these pages created by the site
operators are subject to German copyright law. Duplication,
processing, distribution and any type of use outside the limits
of copyright law require the written consent of the respective
author or creator. Downloads and copies of this site are only
permitted for private, non-commercial use. As far as the
content on this site was not created by the operator, the
copyrights of third parties are respected. In particular,
third-party content is marked as such. Should you nevertheless
become aware of a copyright infringement, please let us know.
If we become aware of any infringements, we will remove such
content immediately.
Further information:
Design and programming:
pDatix GmbH
