Privacy Policy
We, Dr. Kleeberg & Partner GmbH, would like to inform you by means of the following data protection information about which personal data is collected, processed and used when you visit our website, to what extent and for what purpose.
Responsible legal person
The responsible legal person pursuant to Article 4 (7) of the EU General Data Protection Regulation (“GDPR”) is:
Dr. Kleeberg & Partner GmbH
Auditing Company
Tax Consultancy Firm
Augustenstraße 10, 80333 Munich, Germany
(“Kleeberg”)
Phone: +49 89 55983-0
E-mail address: muenchen[at]crowe-kleeberg.de
Data Protection Officer
Personal data
Personal data is individual information about the personal or factual circumstances of an identified or identifiable natural person. This includes information such as name, address, telephone number or e-mail address. Information that is not directly associated with your real identity (e.g. number of users of a website) is not considered personal data.
Intended use
We will only collect, process and use the personal data you provide online for the purposes communicated to you, unless the collection, processing and use is for a purpose that is directly related to the original purpose for which the personal data was collected, based on a legal obligation or an official or court order to establish or protect legal claims or to defend against unlawful activities.
We will not sell or market your personal data to third parties or pass it on for other reasons.
Logging
Any visit to our website is logged. The following data is recorded:
- the current IP address of your computer,
- the selected webpages,
- your browser identification as transmitted,
- date and time and
- the operating system of your computer as transmitted by your computer.
Data is only collected for the purpose of optimizing data security and for the technical administration and optimization of the website. The legal basis for data processing is Article 6 (1) et seq. GDPR. Our legitimate interest is to display the website to you and to ensure the stability and security of the website. We will not use this information for any other purposes. No evaluations are carried out via Google Analytics.
Data storage and deletion
We only store personal data that you transmit to us for as long as it is required to fulfill the purposes for which this data was transmitted or as long as it is required by law. This is followed by automatic deletion.
As part of our regular full data backups, this data may also be backed up and stored on backup data carriers for a certain period of time in accordance with our archiving guidelines. At the end of an archiving period, the backup data carriers are regularly overwritten, and the corresponding data is automatically deleted.
If you no longer agree to the storage of your personal data or if data has changed, we will arrange for your data to be deleted or make the necessary corrections (insofar as this is possible under applicable law) at your request. Upon request, you will receive information free of charge about all personal data that we have stored about you.
Data security
Kleeberg makes every effort to take technical and organizational security measures to protect your personal data against accidental or unlawful destruction, loss or alteration and against unauthorized disclosure or access. Our employees are bound to confidentiality and data protection accordingly.
Cookies/LocalStorage
To maintain our website, we use the Elementor Website Builder from Elementor Ltd. based in Israel. The website builder stores data (so-called LocalStorage) in your browser to track your visitor habits or patterns and, if necessary, to trigger certain pop-ups. Pop-ups are small windows that contain additional information and overlay the current page. This data is technically necessary to ensure the functionality of our website and to display the website to you. The data is not forwarded to Elementor Ltd. or other third parties.
Online forms
Our website offers you the opportunity to contact us. When using an online form, it is usually necessary for you to send us your personal data.
If you use the corresponding form on our website, your personal and all other entered data will be automatically transmitted by our web server in an unencrypted e-mail to an employee who is responsible for forwarding all information. This employee forwards your data to the correct recipient within the company to process your request. No other data will be passed on to third parties.
The personal data transmitted by you via the online form will only be collected, processed and used within the scope of and for processing your inquiry. Any further processing and use will only take place with your explicit consent.
Application form
For application management, we use the Personio cloud software from the service provider Personio SE & Co. KG, Seidlstraße 3, 80335 Munich, Germany (“Personio”). If you use the online form to apply for our vacancies, you will be redirected to a Personio website. Your data will be stored within the EU. We have concluded an order processing contract with Personio. You can find information on data protection at Personio at https://www.personio.de/datenschutz/.
The data that you send us via the online form will only be used to process your application. The legal basis for this data processing is Article 6 (1) lit. b GDPR (entering a contract).
After completion of the application process and the associated legal deadlines, we will delete your application data.
DATEV tables form
This form is used to request the DATEV brochure “Tables and information”. The data processing is carried out in accordance with Article 6 (1) lit. b GDPR to send you the requested brochures.
The personal data from the form is temporarily stored on the server of our web agency before we retrieve the data from this server. The storage of your data takes place within the EU. We have concluded a corresponding order processing contract with the advertising agency.
Registration form for client events
This form is used to register for our client events. Data processing is carried out in accordance with Article 6 (1) lit. b GDPR to enable you to participate in the event.
The personal data in the form is temporarily stored on the server of our web agency before we retrieve the data from this server. Your data is stored within the EU. We have concluded a corresponding data processing agreement with the advertising agency.
E-mail/cloud-based services
To handle e-mail communication with clients and other business partners, we use cloud-based Microsoft 365 online services, in particular Exchange online and, within the Crowe-Kleeberg Group and for communication with selected clients and business partners, the Teams and SharePoint online services, to enable up-to-date and secure information and data exchange.
When implementing and operating cloud-based services, we make sure that data is stored in data centers in Germany and that support is provided by German service providers wherever possible. In this way, we ensure compliance with the data protection regulations applicable in Germany, in particular the GDPR, for electronic data processing and operation in accordance with the professional confidentiality obligations for auditors, tax consultants and lawyers.
The implementation was preceded by an extensive risk assessment together with our data protection officer. As part of our duty of care under data protection law, we also monitor these processing activities in regular internal data protection reviews.
E-mail/further information
If you would like to send us an e-mail, please note that unencrypted e-mails sent via the Internet are not adequately protected against unauthorized access by third parties.
If you send us applications by e-mail, we will only use this data to process your application. The legal basis for this data processing is Article 6 (1) lit. b GDPR (entering a contract). As part of the application process, we will forward your data to the employee responsible for the application. Your data will not be used for other purposes that are not related to the application and will not be transferred to third parties.
After completion of the application process and the associated legal deadlines, we will delete your application data.
Social-Media Buttons
We offer you the option of using so-called “social media buttons” on our website. To protect your data, these buttons are only integrated on our site as a static graphic that contains a link to the corresponding website of the provider. By clicking on the graphic, you will be redirected to the website of the respective provider, just as it works with normal links. The provider only receives information about you, such as your IP address, when you access the provider’s website. If you are already logged in to a social network, Facebook does this without an additional window. With X (formerly Twitter), a pop-up window appears in which you can edit the text of the tweet. If you do not click on the button graphics, no data will be exchanged. Information about the collection and use of your data in the social networks can be found in the respective terms of use of the corresponding providers.
Facebook
This website uses the link to the social network of the provider Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (“Meta“), which is only active after clicking on the corresponding button. The Facebook sharing button is merely a link to the provider Meta. Therefore, no data flows simply by accessing our website. Only when you click the button does Meta find out which website you came from – as with any link. If you click the button while you are logged into Facebook at the same time, Meta can assign your use to your user account. We have no knowledge of and no influence on the possible collection and use of your data by Meta. You can find more information in Facebook’s privacy policy at https://www.facebook.com/privacy/center/.
Short messaging service X (formerly Twitter)
This website uses the link to the social network of Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland (“Twitter“), which is only active after clicking on the corresponding button. The Twitter sharing button is merely a link to the provider Twitter. Therefore, no data flows simply by accessing our website. Only when you click the button or press the re-tweet button does Twitter find out which website you came from – as with any link. We have no knowledge of and no influence on the possible collection and use of your data by Twitter. For more information, please refer to the privacy policy at https://twitter.com/privacy?lang=de.
This website uses the link to the social network of the provider New Work SE, Am Strandkai 1, 20457 Hamburg, Germany (“New Work SE“), which is only active after clicking on the corresponding button. The Xing sharing button is merely a link to the provider New Work SE. Therefore, no data flows simply by accessing our website. Only when you click the button does New Work SE find out which website you came from – as with any link. We have no knowledge of and no influence on the possible collection and use of your data by New Work SE. You can find more information in Xing’s privacy policy at https://www.xing.com/privacy.
LinkedIn
This website uses the link to the social network of the provider LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (“LinkedIn“), which is only active after clicking on the corresponding button. The LinkedIn sharing button is merely a link to the provider LinkedIn. Therefore, no data flows simply by accessing our website. Only when you click the button does LinkedIn find out which website you came from – as with any link. We have no knowledge of and no influence on the possible collection and use of your data by LinkedIn. You can find more information in LinkedIn’s privacy policy at https://www.linkedin.com/legal/privacy-policy.
WhatsApp
This website uses the link to the social network of the provider WhatsApp LLC, 1601 Willow Road, Menlo Park, California 94025 USA (“WhatsApp“), which is only activated after clicking on the corresponding button. This allows you to conveniently send content from our website to your WhatsApp contacts. The WhatsApp sharing button is merely a link to the provider WhatsApp. Therefore, no data flows simply by accessing our website. Only when you click the button does WhatsApp find out which website you came from – as with any link. The further processing of this information is the sole responsibility of WhatsApp. You can find the link to WhatsApp’s privacy policy here: https://www.whatsapp.com/legal/
Telegram
This website uses the link to the social network of the provider Telegram Messenger LLP 71-75 Shelton Street, Convent Garden, London, United Kingdom (“Telegram”) only once you have activated it by clicking on the respective button. This allows you to conveniently send content from our website to your Telegram contacts. The Telegram sharing button is merely a link to the provider Telegram. Therefore, no data whatsoever will be transferred simply by accessing our website. Only when you click on the button will Telegram find out which website you came from – as with any link. Telegram is solely responsible for the further processing of this information. You can find the link to the privacy policy of Telegram here: https://www.telegram.org/privacy
E-mail
This website uses the link to the e-mail forwarding option (e.g. Outlook), which only becomes active after clicking on the corresponding sharing button. This allows you to conveniently send content from our website via e-mail. The e-mail sharing button is merely a link to an e-mail provider (e.g. Outlook). Therefore, no data flows simply by accessing our website. Only when you click the button does the e-mail service provider find out which website you came from – as with any link. The further processing of this information is the sole responsibility of the e-mail service provider.
Instagram page
We have an Instagram profile. Instagram is provided by Meta. There is an agreement on joint responsibility (Page Controller Addendum) with Meta for the fulfillment of data protection obligations. This defines our responsibility on the one hand and Meta’s responsibility for the data processing operations specified therein on the other. You can find the link to this agreement at https://de-de.facebook.com/legal/controller_addendum/.
The legal basis for this data processing is Article 6 (1) lit. f GDPR. Our legitimate interest lies in
communicating and interacting with you via Instagram.
You have the right to object to the processing of cookies. Meta provides information about
Instagram’s cookies at the following link:
https://help.instagram.com/1896641480634370?ref=ig. If you log in to your user
account, you can adjust your advertising settings yourself.
Operator of the Instagram page:
Dr. Kleeberg & Partner GmbH
Augustenstr. 10
80333 Munich
E-mail:
Data protection officer:
Mr. Michael Benz
E-mail:
YouTube channel
We operate a YouTube channel. YouTube is a video portal provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as “Google“). If you contact us via our YouTube channel, your data will be processed for the purpose of communicating and interacting with you.
The legal basis for the processing of personal data after interaction with the content of our YouTube channel by users is Article 6 (1) et seq. GDPR. Our legitimate interests lie in
communication and interaction with the users of our YouTube channel.
Your personal data is also processed by Google. You can find more information on this here: https://policies.google.com/privacy?hl=de#infocollect.
In some cases, information is transmitted to the parent company Google Inc. based in the USA, to other Google companies and to external partners of Google, each of which may be located outside the European Union. Google uses standard contractual clauses approved by the European Commission and the adequacy decisions issued by the European Commission regarding certain countries. You can find more information on data transfer here: https://policies.google.com/privacy?hl=de#infosharing.
Information on the duration of data storage by Google can be found at https://policies.google.com/privacy?hl=de#inforetaining.
If users’ personal data is processed, they have the right to information, correction, objection, transferability and deletion of the data in accordance with GDPR. Google is obliged to respond to corresponding requests. Google provides further information on your rights here: https://policies.google.com/privacy?hl=de#enforcement.
Your rights as a data subject
Apart from the rights already mentioned above, you have the following rights with regard to your personal data:
- Right of access (pursuant to Article 15 GDPR)
- Right to rectification or erasure (pursuant to Article 16, 17 GDPR)
- Right to restriction of processing (pursuant to Article 18 GDPR)
- Right to object to the processing (pursuant to Article 21 GDPR)
- Right to data portability (pursuant to Article 20 GDPR)
To assert your rights, please use the contact details below. To identify you more quickly as the authorized party and to be able to process your request quickly, please send us a text message.
You also have the right to lodge a complaint with a data protection supervisory authority about the processing of your personal data by us.
Links
In the case of links on our website to external companies or other third parties, Kleeberg is not responsible for the data protection requirements or the content of these websites.
Further information and contacts
If you have any questions about our privacy policy, our website or Kleeberg, please feel free to contact us by e-mail at or or by telephone on +49(0)89-55983-0.
We reserve the right to make additions or changes to this privacy policy.
The latest status of this Privacy Policy is dated October 01, 2024.