Data protection declaration under the GDPR
The protection of your personal data is very important to us. This Privacy Policy describes how Praxie Consulting process your personal information on this website and through our online services. In addition, you will receive data protection information (Articles 13 and 14 GDPR) in advance of processing operations and contractual relationships in a simple, precise, transparent, understandable and easily accessible form (Art. 12 (1) GDPR). In order to protect your personal data, Praxie has concluded appropriate agreements with the contracted service providers and cooperation partners (especially Art. 26 and 28 GDPR) and has taken technical and organizational measures to ensure the protection of your personal data. This site uses state-of-the-art SSL or TLS encryption for security purposes and to protect the transmission of confidential content that you send to us as the operator of the website via online forms. Our employees are regularly trained in the handling of personal data and are obliged to the confidentiality of personal data (Article 5 (1) (f), Art. 32 (4) GDPR). You can also make privacy-prone preferences using your web browser settings, such as: Through the Do-Not-Track feature, security updates, or blocking cookies/third party-cookies. Additional settings can be made by browser extensions and / or these are described separately in this privacy policy. We point out that a complete protection of data transfer on the Internet is not possible and the protection of your data can depend strongly on the individual surfing behavior. Never share your information with third parties who may misuse it.
In the event of changes to this privacy policy, we will post the amended policy and the effective date of the amended policy on this website. We therefore recommend that you check our website regularly. Changes that affect your consent will only be made by renewed consent.
1. Scope and Definitions
This privacy policy applies to online offers and services such as Internet pages and services and offers of Praxie Consulting contained therein.
In the context of this privacy policy, we use the following terms. For a better understanding, here is a brief explanation of the terms used in the sense of Art. 4 (1) GDPR.
1.1. Personal data
‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
1.2. Processing
‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
1.3. Restriction of processing
‘restriction of processing’ means the marking of stored personal data with the aim of limiting their processing in the future.
1.4. „Profiling“
‘profiling’ means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
1.5. Pseudonymisation
‘pseudonymisation’ means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
1.6. Controller
‘controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
1.7. Processor
‘processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
1.8. Recipient
‘recipient’ means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
1.9. Third party
‘third party’ means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
1.10. Consent
‘consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
2. Controller’s name and address
The controller in the sense of the General Data Protection Regulation and the Member States’ various national data protection legislation as well as other data protection provisions is the company indicated in the site notice as the operator of the relevant Online Platform.
Praxie ConsultingAtatürk Mah. Ertuğrul Gazi Sok. Metropol İstanbul A Blok
Apt. No:2E K:21 D:331 Ataşehir İstanbul, Turkey
Phone: +90 216 709 2874
Email:info@praxieconsulting.com
Internet: https://praxieconsulting.com/
3. Data protection officer
You can contact our data protection officer at Data Protection and Data Security:
Data protection officer: Eser Düzcan
Phone: +90 216 709 2874
Email: info@praxieconsulting.com
4. Data collection when you visit our website
When using our website for information only, i.e. if you do not register or otherwise provide us with information, we only collect data that your browser transmits to our server (so-called "server log files"). When you visit our website, we collect the following data that is technically necessary for us to display the website to you:
a. IP address of the requesting computer,
b. Date and time of access,
c. Name and URL of the expired file,
d. Website from which access is made (referrer URL),
e. used browser and, if applicable, the operating system of your computer as well as the name of your access provider
Data processing is carried out in accordance with Art. 6 (1) point f GDPR on the basis of our legitimate interest in improving the stability and functionality of our website. The data will not be passed on or used in any other way. However, we reserve the right to check the server log files subsequently, if there are any concrete indications of illegal use.
5. Cookies
In order to make your visit to our website attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your end device. Some of the cookies we use are deleted after the end of the browser session, i.e. after closing your browser (so-called session cookies). Other cookies remain on your terminal and enable us or our partner companies (third-party cookies) to recognize your browser on your next visit (persistent cookies). If cookies are set, they collect and process specific user information such as browser and location data as well as IP address values according to individual requirements. Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie.
In some cases, cookies are used to simplify the ordering process by saving settings (e.g. remembering the content of a virtual shopping basket for a later visit to the website). If personal data are also processed by individual cookies set by us, the processing is carried out in accordance with Art. 6 (1) point b GDPR either for the execution of the contract or in accordance with Art. 6 (1) point f GDPR to safeguard our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the page visit.
We work together with advertising partners who help us to make our website more interesting for you. For this purpose, cookies from partner companies are also stored on your hard drive when you visit our website (third-party cookies). You will be informed individually and separately about the use of such cookies and the scope of the information collected in each case within the following sections.
5.1 Necessary cookies
These cookies are always enabled, as they are necessary for basic functions of our website. These include cookies that can be used to store where on the page you move.
5.2 Functional cookies
These cookies from our analytics tools allow us to count visits and determine their origin in order to continuously improve our service. They help us answer the question of which pages or products are the most popular and where problems may arise when using our website. Disabling these cookies may result in poorly selected recommendations and a worse website experience.
6. Collection and use of data
As part of your visit to our website, we process personally identifiable information you provide in particular through online forms provided by Praxie. Below is a list of possible data processing by us as well as the online forms integrated on partner sites. This data will be deleted as soon as the purpose of storage no longer exists and there are no legal and / or legitimate retention periods. In addition to the purposes and legal bases specified below, the data may also be used for purposes of contract performance and fulfillment, Art. 6 (1) lit. b) GDPR as well as for marketing purposes on the basis of your consent Art. 6 (1) lit. a) GDPR or based on legitimate interests pursuant to Art. 6 (1) lit. f) GDPR, if necessary in conjunction with recital 47 GDPR are processed accordingly, insofar as a other legal basis (eg § 7 (3) UWG) is not relevant.
6.1. Praxie forms and data collected about them
In order for you to be able to use our services, we provide these forms for your specific needs. If you fill out one or more of these forms and submit, we will receive the data entered and process them on our systems. The following illustration of forms used by Praxie may not be exhaustive. We reserve the right to change the content of individual online forms, to rename them or to process comparable information through those services.
6.1.1. Contact Form
On our website, users have the opportunity to send a mesage. The following personal data are processed by us:
First and last name
Email address
Phone number
IP address of the accessing computer
Browser type
Operating system
Date and time of the message
6.1.2 Duration of data processing
The data will be deleted as soon as they are no longer necessary for achieving the purpose of their collection. Therefore, the personal information the users will be stored as long as the evaluation process is active.
6.2. Third-party data collection
If you visit our website, third-party data may also be collected and processed. Processing is for the purpose of operating and optimizing our website, for marketing purposes, and for the purpose of providing and performing our agency/brokerage services (see 6.2.1 and below). In addition, our online forms and marketing tools will also be linked to affiliate sites, for accessing our website and/or using our services.
6.2.3. Social Networks / Social Media Plugins
We may use social networks on our website, as far as these are activated at the time oft he visit of our website. Which company processes data in this context can be seen here. The data processing is based on Art. 6 para. 1 lit. f) GDPR on our legitimate interest.
LinkedIn
You can find LinkedIn or LinkedIn Corporation plugins/services on our website at 2029 Stierlin Court, Mountain View, CA 94043, United States of America (hereafter "LinkedIn"). You can recognize the plugins of LinkedIn by the corresponding logo or the "Recommend" button. Please note that when you visit our website, the plugin establishes a connection between your respective internet browser and LinkedIn's server. LinkedIn is informed that our website has been visited with your IP address. If you click LinkedIn's "Recommend" button while logged in to your LinkedIn account, you have the option to link content from our website to your LinkedIn profile page. In doing so, you enable LinkedIn to associate your visit to our website with you or your user account. You must understand that we have no knowledge of the content of the submitted data and its use by LinkedIn. For more details on how to collect the data and your legal options, as well as recruitment options, please visit LinkedIn. These are provided Here.
7. Marketing E-Mails
If you have given us consent to communicate by e-mail as part of our service or there is a legitimate interest, we will send you relevant e-mails around the topic BIM Consulting. We have collected the data that we process in this process from previous services you have requested from us. After obtaining consent, the sending of marketing e-mails in accordance with Art. 6 (1) lit. a) GDPR is generally lawful. If you are already an existing customer with us, the sending of marketing e-mails is permitted according to § 7 III UWG. If you still do not want to receive these marketing e-mails, please send us a written declaration of revocation to info@praxieconsulting.com. You can also unsubscribe from the marketing e-mails at any time by following the unsubscribe link in the relevant marketing e-mail. For e-mail marketing, we use the marketing cloud services. We have entered into a processing contract with the service provider, which includes standard contract clauses and binding corporate rules.
8. E-Mail Contact
In this case, we process and store the personal data transmitted by e-mail. This will basically be your e-mail address and all other information provided by you. Such data processing is required for the conversation and to provide you with our services. The data processing is based on our legitimate interest within the meaning of Art. 6 (1) lit. f) GDPR and is therefore lawful, as far as you are not unduly limited in your rights. If the contact serves the conclusion of a contract, the processing according to Art. 6 (1) lit. b) GDPR is lawfully. If you provide unsolicited further data, the processing is based on your consent within the meaning of Art. 6 (1) a) GDPR. We will delete this data as soon as the conversation ends and there is no purpose for storage/no legal and/or legitimate retention period. The conversation ends when it can be inferred from the circumstances that the affected process has finally been clarified.
9. Disclosure of your data by us
We disclose personal information in order to comply with legal obligations, to investigate complaints about offers or content that infringe the rights of third parties and to protect the rights, property or security of third parties. Disclosure of this information is strictly in accordance with applicable lawsprivacy.html laws. In particular, we may disclose your personal information to law enforcement or regulatory agencies or authorized third parties for any obligation or authority in connection with any investigation or suspicion of a criminal offense, unlawful act or other matter that may arise for us, you or anyone give a third party a justification for disclosure. In such cases, we will disclose the necessary data such as name, location, postal code, telephone number, e-mail address, previous usernames, IP address, fraudulent complaints and other information as far as this is permitted.
9. Disclosure of your data by us
As already explained in this privacy policy, we use services whose providers are partly located in so-called third countries (such as the USA), i.e. countries whose level of data protection does not correspond to that of the European Union. Where this is the case and the European Commission has not issued an adequacy decision (Art. 45 GDPR) for these countries, we have taken appropriate precautions to ensure an adequate level of data protection for any data transfers. These include, among others, the standard contractual clauses of the European Union or binding internal data protection regulations.
10. Data transfer to third countries
As already explained in this privacy policy, we use services whose providers are partly located in so-called third countries (such as the USA), i.e. countries whose level of data protection does not correspond to that of the European Union. Where this is the case and the European Commission has not issued an adequacy decision (Art. 45 GDPR) for these countries, we have taken appropriate precautions to ensure an adequate level of data protection for any data transfers. These include, among others, the standard contractual clauses of the European Union or binding internal data protection regulations.
Where this is not possible, we base the data transfer on exceptions of Art. 49 GDPR, in particular your explicit consent or the necessity of the transfer for the performance of the contract.
If a third country transfer is provided for and no adequacy decision or appropriate safeguards are in place, it is possible and there is a risk that authorities in the respective third country (e.g. intelligence services) may gain access to the transferred data in order to collect and analyze it, and that enforceability of your data subject rights cannot be guaranteed. When obtaining your consent via the cookie banner, you will also be informed of this.
11. Rights of the data subject
The applicable data protection law grants you as the data subject to the controller (Praxie) with regard to the processing of your personal data comprehensive data subject rights (information and intervention rights), about which we inform you below:
11.1. Right to confirmation, Art. 15 I 1 GDPR
The data subject has the right to ask the controller for a confirmation as to whether personal data concerning them are being processed.
11.2. Right to information, Art. 15 I 2 GDPR
If personal data of the data subject are processed, you have the right to information about this personal data and to the following information:
a. the processing purposes;
b. the categories of personal data being processed;
c. the recipients or categories of recipients to whom the personal data have been disclosed or are still being disclosed, in particular to recipients in third countries or to international organizations;
d. if possible, the planned duration for which the personal data are stored or, if this is not possible, the criteria for determining that duration;
e. the existence of a right to rectification or erasure of the personal data relating to him or to a restriction of processing by the controller or a right to object to such processing;
f. the existence of a right of appeal to a supervisory authority;
g. if the personal data are not collected from the data subject, all available information on the source of the data;
h. the existence of automated decision-making, including profiling, as referred to in Article 22 (1) and (4) and, at least in these cases, meaningful information about the logic involved and the scope and intended impact of such processing on the data subject.
You have the right to request information about whether the personal data concerning you is transferred to a third country or to an international organization. In this context, you may request to be informed about the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.
11.3. Right to correction and completion, Art. 16 GDPR
The data subject has the right to demand from the controller without delay the correction of incorrect personal data concerning him. Taking into account the purposes of the processing, the data subject has the right to request the completion of incomplete personal data, including by means of a supplementary statement.
11.4. Right to be forgotten, Art. 17 GDPR
The data subject has the right to require the controller to delete personal data concerning him or her without delay, and the controller is obliged to delete personal data immediately, if one of the following reasons applies:
a. the personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
b. the controller revokes the consent on which the processing referred to in Article 6 (1) lit. a) or 9 (2) lit. a) was based and lacks any other legal basis for the processing.
c. the data subject objects to the processing in accordance with Article 21 (1) and there are no legitimate grounds for processing, or the data subject objects to the processing in accordance with Article 21 (2) lit. d).
e. the personal data were processed unlawfully.
f. the deletion of personal data is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the controller is subject.
g. the personal data were collected in relation to information society services offered in accordance with Article 8 (1).
However, the above does not apply if the processing is for legal purposes (see 10.). A deletion is also excluded if there are statutory storage requirements or overwhelming interests of the controller for the storage.
11.5. Right to restriction of processing, Art. 18 GDPR
The data subject has the right to require the controller to restrict the processing if one of the following conditions is met:
a. the accuracy of the personal data is disputed by the data subject for a period of time allowing the controller to verify the accuracy of the personal data;
b. the processing is unlawful and the data subject refuses to delete the personal data and instead requests the restriction of the use of the personal data;
c. the controller no longer needs the personal data for processing purposes, but the data subject requires them to assert, exercise or defend legal claims; or
d. the person concerned has lodged an objection to the processing referred to in Article 21 (1) pending determination of whether the legitimate grounds of the controller prevail over those of the data subject.
Therefore, if the processing has been restricted, these personal data may only be stored with the consent of the data subject or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for important public interest of the Union or a Member State.
An affected person who has restricted processing will be notified by the controller before the restriction is lifted.
11.6. Right of Information, Art. 19 GDPR
If you have asserted the right to rectification, erasure or restriction of processing vis-à-vis the controller, the latter is obliged to notify all recipients, to whom your personal data have been disclosed, of such rectification or erasure of the data or restriction of processing, unless this turns out to be impossible or produces unreasonable burdens.
You have the right vis-à-vis the controller to be informed of such recipients.
11.7 Right to data transferability, Art. 20 GDPR
The data subject has the right to receive in a structured, common and machine - readable format the personal data relating to him / her that are made available to a responsible person, and has the right to transfer that data to another person without hindrance by the person responsible for the data personal data provided, provided that:
a. the processing is based on a consent in accordance with Article 6 (1) lit. a) or Article 9 (2) lit. a) or on a contract pursuant to Article 6 (1) lit. b); and
b. the processing is done by automated methods.
In exercising their right to data portability, the data subject has the right to obtain that the personal data are transmitted directly from one controller to another responsible party where technically feasible.
11.8. Right to objection, Art. 21 GDPR
The data subject has the right at any time, for reasons arising from his / her special situation, against the processing of personal data relating to him or her, which pursuant to Art. 6 (1) lit. e) and f), to object; this also applies to profiling based on these provisions. The controller no longer processes the personal data unless he can demonstrate compelling legitimate grounds for processing that outweigh the interests, rights and freedoms of the data subject, or the processing is for the purpose of enforcing, pursuing or defending legal claims.
11.9. Right to revoke the consent granted, Art. 7 III GDPR
The data subject has the right to revoke their consent at any time with future effect. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation. The data subject will be informed before the consent is given. You can send a revocation at any time textually to us (e-mail is sufficient) under info@praxieconsulting.com. Please understand that in the case of a revocation it may take up to 4 weeks before the revocation has been processed. In the meantime, there may be overlaps in the way of handling your request with marketing measures.
11.10. Right to appeal (ART. 77 GDPR in conjunction with SEC. 19 BDSG)
Without prejudice to any other administrative or judicial remedy, any data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of the habitual residence, place of work or place of alleged infringement, if the data subject considers that the processing concerns them personal data breaches this Regulation.
12. Additional data protection advice for those affected
12.1. Joint controller (partners and cooperations)
We process your personal data in accordance with our privacy policy and the applicable data protection regulations. In general, it is only such information that you enter through our online forms or that you have provided to us by any other means (such as telephone, e-mail, or other information relevant to agency/brokerage services that you provide to us have personally communicated). This may also include information relevant to the agency/brokerage services, which we obtain from or pass on to third parties with your consent, on the basis of legitimate interest or on the basis of contractual agreements.
12.2. Additional information for customers and interested parties
We process your personal data for the implementation of pre-contractual measures (initiation of contractual relationships such as contact inquiries and viewing appointments). The legal basis for processing in this case is Article 6 (1) lit. b) GDPR. In some cases, processing is based on consent, Art. 6 (1) lit. a), for example for purposes of real estate valuation and for other offers and marketing in connection with our brokerage services, if necessary on the basis of Art. 6 (1) lit. f) in conjunction with recital 47 GDPR (direct marketing). A given consent can be revoked at any time with effect for the future, according to your data subject rights, see point 11.8. In addition, processing takes place to fulfill contracts (eg, brokerage agreements and other arrangements such as commission agreements). The legal basis for processing in this case is Article 6 (1) lit. b) GDPR. Processing is in some cases required to fulfill legal obligations (eg commercial, tax and credit law regulations (KWG, GWG), statutory information and notification obligations). The legal basis for processing in this case is Article 6 (1) lit. c) GDPR. In the context of a balance of interests pursuant to Art. 6 (1) lit. f) of the GDPR, processing takes place, for example, to safeguard the interests of our company and safeguard the legitimate interests of third parties (credit and default risks, internal evaluations and analyzes for marketing measures; to assert, exercise and defend legal claims, to ensure IT security and the IT operation of our company, for purposes of securing evidence). In addition, we process personal information in accordance with our privacy policy. Further details can be found in this privacy policy. To safeguard your rights, see point 11 "Rights of the data subject".
13. Applicant data
We handle the applicant data you submit with utmost confidentiality, using it solely for the purpose of processing your application. Your application data is securely recorded and stored in the recruiter's email system. Only authorized personnel, directly involved in the application process, have access to your application data. This ensures both privacy and efficiency in handling your application.
If you provide us with personal data as part of the application process, this will be divided into the following data types and data categories for collection, processing and/ or use:
Personal data (first and last name, date of birth, address, school leaving certificate)
Communication data (telephone, mobile phone and fax numbers, e-mail address)
Information data (from third parties, see section 5)
Data on assessment and evaluation in the applicant procedure
Data on education (school, vocational training, civil/military service, studies, doctorate)
Data on previous professional career, training and work references
Data on other qualifications (e.g. language skills, PC skills, etc.)
Application photo
Information on desired salary
Application history (storage-limited, Art. 5 para. 1 lit. e) GDPR).
In the event that we find your application interesting even after a rejection, we will include you in our talent pool with your express consent. In this case, we will store your personal data for up to 12 months after the rejection. If a suitable position becomes available with us during this period, we will contact you again.
The legal basis for the processing of personal data is Art. 6 para. 1 lit. a) GDPR, § 26 BDSG. Furthermore, we may process personal data about you insofar as this is necessary to defend asserted legal claims against us arising from the application process. The legal basis for this is Art. 6 para. 1lit. f) GDPR; the legitimate interest is, for example, a duty to provide evidence in proceedings under the General Equal Treatment Act (AGG). For these purposes, the applicant data is generally stored for 6 months.
If an employment relationship is established between you and us, we may, in accordance with Section 26 (1) of the German Federal Data Protection Act (BDSG), continue to process the personal data already received from you for the purposes of the employment relationship, provided that this is necessary for the performance or termination of the employment relationship or for the exercise or fulfillment of the rights and obligations of the employee representative body resulting from a law or a collective agreement, a works agreement or a service agreement (collective agreement).
Your personal data will only be processed by persons involved in the application process. All employees entrusted with data processing are obliged to maintain the confidentiality of your data. Data will only be passed on to third parties if you have given your consent or if we are obliged to pass on data due to legal regulations and/or official or court orders.
In addition, we may process job-related information that you have made publicly available, such as a profile on professional social media networks.
Insofar as we do not collect the data directly from you and you have an active profile on StepStone, Xing or LinkedIn, or disclose an inactive or only partially active profile to us as part of the application process, we may also collect personal data from them.
After completion of the application process, your data will be deleted from our system again after six months, provided that no cooperation takes place. Your personal data will be deleted from the talent pool after 12 months, unless you request earlier deletion.
You can object to the processing of your data at any time and request the deletion of your personal data. In addition, you are entitled to the rights mentioned in section 11.
No automated decision in individual cases or "profiling" within the meaning of Art. 22 GDPR takes place, i.e. the decision about your application is not based exclusively on automated processing.
Last update: 23.01.2024