Privacy Policy

I am very pleased about your interest in my company. Data protection is of particularly high importance to the management of TheHappyDogs Training and Behavioral Consulting. The use of the website of TheHappyDogs Training and Behavioral Consulting is generally possible without providing any personal data. However, if a data subject wishes to make use of special services via my website, the processing of personal data may become necessary. If the processing of personal data is required and there is no legal basis for such processing, I generally obtain the consent of the data subject.

The processing of personal data, such as the name, address, email address, or telephone number of a data subject, is always carried out in accordance with the General Data Protection Regulation (GDPR) and in compliance with the country-specific data protection regulations applicable to TheHappyDogs Training. By means of this privacy policy, my company wishes to inform the public about the type, scope, and purpose of the personal data collected, used, and processed by me. Furthermore, data subjects are informed of the rights to which they are entitled.

As the controller responsible for processing, TheHappyDogs Training and Behavioral Consulting has implemented numerous technical and organizational measures to ensure the most complete protection possible of personal data processed through this website. Nevertheless, internet-based data transmissions may generally have security gaps, so absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to me by alternative means, for example by telephone.

1. Definitions

This privacy policy of TheHappyDogs Training and Behavioral Consulting is based on the terminology used by the European legislator when adopting the General Data Protection Regulation (GDPR). My privacy policy is intended to be easy to read and understand for the public, customers, and business partners. To ensure this, I would like to explain the terminology used in advance.

In this privacy policy, I use, among others, the following terms:

a) Personal Data

Personal data means any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

b) Data Subject

A data subject is any identified or identifiable natural person whose personal data is processed by the controller.

c) Processing

Processing means any operation or set of operations performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

d) Restriction of Processing

Restriction of processing means the marking of stored personal data with the aim of limiting their processing in the future.

e) Profiling

Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning work performance, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements of that natural person.

f) Pseudonymization

Pseudonymization means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and subject to technical and organizational measures ensuring that the personal data are not attributed to an identified or identifiable natural person.

g) Controller

Controller means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

h) Processor

Processor means a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.

i) Recipient

Recipient means a natural or legal person, public authority, agency, or another body to which personal data are disclosed, whether a third party or not. However, authorities which may receive personal data in the framework of a particular investigation in accordance with Union or Member State law shall not be regarded as recipients.

j) Third Party

Third party means a natural or legal person, public authority, agency, or body other than the data subject, the controller, the processor, and persons authorized to process personal data under the direct responsibility of the controller or processor.

k) Consent

Consent means any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which they signify agreement to the processing of personal data relating to them, either by a statement or by a clear affirmative action.

2. Name and Address of the Controller

Controller within the meaning of the GDPR and other data protection laws applicable in the Member States of the European Union is:

TheHappyDogs Training and Behavioral Consulting

Ulrike Däxl
Tannenstraße 7
85640 Putzbrunn
Germany

Phone: +49 178 8936900
Email: info@thehappydogs.de
Website: www.thehappydogs.de

3. Cookies

The website of TheHappyDogs Training and Behavioral Consulting uses cookies. Cookies are text files that are placed and stored on a computer system via an internet browser.

Many websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters that allows websites and servers to assign the specific internet browser in which the cookie was stored. This enables visited websites and servers to distinguish the individual browser of the data subject from other browsers that contain different cookies.

Through the use of cookies, TheHappyDogs Training and Behavioral Consulting can provide users of this website with more user-friendly services that would not be possible without cookie setting.

By means of a cookie, the information and offers on my website can be optimized in the interest of the user. Cookies allow me, as already mentioned, to recognize users of my website. The purpose of this recognition is to make it easier for users to use my website. For example, a user does not have to re-enter login data each time they visit the website, because this is handled by the website and the cookie stored on the user’s computer system.

The data subject may, at any time, prevent the setting of cookies through my website by means of a corresponding setting of the internet browser used and may thus permanently object to the setting of cookies. Furthermore, already set cookies may be deleted at any time via an internet browser or other software programs. This is possible in all common internet browsers. If the data subject deactivates the setting of cookies in the internet browser used, not all functions of my website may be fully usable.

To manage the cookies and similar technologies used (tracking pixels, web beacons, etc.) and the related consents, we use the consent tool “Real Cookie Banner.” Details on how “Real Cookie Banner” works can be found at:
https://devowl.io/rcb/data-processing/

The legal bases for the processing of personal data in this context are Art. 6(1)(c) GDPR and Art. 6(1)(f) GDPR. Our legitimate interest lies in the management of the cookies and similar technologies used and the associated consents.

The provision of personal data is neither contractually required nor necessary for the conclusion of a contract. You are not obliged to provide personal data. If you do not provide personal data, we cannot manage your consents. 

4. Collection of General Data and Information

The website of TheHappyDogs Training and Behavioral Consulting collects a series of general data and information each time a data subject or an automated system accesses the website. This general data and information are stored in the server log files.

The following may be collected:

  1. Browser types and versions used

  2. The operating system used by the accessing system

  3. The website from which an accessing system reaches my website (so-called referrer)

  4. Subpages accessed via an accessing system on my website

  5. The date and time of access to the website

  6. An Internet Protocol address (IP address)

  7. The Internet service provider of the accessing system

  8. Other similar data and information used for security purposes in case of attacks on our information technology systems

When using these general data and information, TheHappyDogs Training and Behavioral Consulting does not draw any conclusions about the data subject.

Rather, this information is needed to:

  1. Deliver the contents of our website correctly

  2. Optimize the content of our website and advertising

  3. Ensure the long-term functionality of our IT systems and website technology

  4. Provide law enforcement authorities with necessary information in case of a cyberattack

These anonymously collected data and information are therefore evaluated statistically and with the aim of increasing data protection and data security in my company, ultimately ensuring an optimal level of protection for the personal data processed. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.

5. Contact Possibility via the Website

Due to legal regulations, the website of TheHappyDogs Training and Behavioral Consulting contains information that enables a quick electronic contact with my company and direct communication with me, including a general email address.

If a data subject contacts the controller by email or via a contact form, the personal data transmitted by the data subject are automatically stored.

Such personal data voluntarily transmitted by a data subject are stored for the purpose of processing the request or contacting the data subject. These personal data will not be passed on to third parties.

6. Routine Erasure and Blocking of Personal Data

The controller processes and stores personal data of the data subject only for the period necessary to achieve the purpose of storage or insofar as this is provided for by the European legislator or other legislators in laws or regulations to which the controller is subject.

If the storage purpose ceases to apply or a storage period prescribed by law expires, personal data are routinely blocked or erased in accordance with legal requirements.

7. Rights of the Data Subject

a) Right to Confirmation

Every data subject has the right granted by the European legislator to obtain confirmation from the controller as to whether personal data concerning them are being processed. If a data subject wishes to exercise this right, they may contact an employee of the controller at any time.

b) Right of Access

Every data subject has the right to obtain free information at any time about their stored personal data and a copy of this information.

Furthermore, the data subject has the right to receive information about:

  • the purposes of processing

  • the categories of personal data processed

  • the recipients or categories of recipients to whom personal data have been or will be disclosed, especially in third countries or international organizations

  • where possible, the planned duration of storage or the criteria used to determine that duration

  • the existence of the right to rectification or erasure of personal data or restriction of processing or objection to processing

  • the existence of the right to lodge a complaint with a supervisory authority

  • where personal data are not collected from the data subject, all available information about their source

  • the existence of automated decision-making, including profiling pursuant to Art. 22(1) and (4) GDPR, and meaningful information about the logic involved and the significance and consequences of such processing

The data subject also has the right to be informed whether personal data have been transferred to a third country or international organization and about appropriate safeguards relating to such transfer.

c) Right to Rectification

Every data subject has the right to request the immediate correction of inaccurate personal data concerning them. Taking into account the purposes of processing, the data subject also has the right to request completion of incomplete personal data.

d) Right to Erasure (Right to Be Forgotten)

Every data subject has the right to request immediate erasure of personal data where one of the following grounds applies:

  • The personal data are no longer necessary for the purposes for which they were collected.

  • The data subject withdraws consent and there is no other legal basis.

  • The data subject objects to processing pursuant to Art. 21 GDPR and there are no overriding legitimate grounds.

  • The personal data were unlawfully processed.

  • Erasure is required for compliance with a legal obligation.

  • The personal data were collected in relation to information society services pursuant to Art. 8 GDPR.

Where personal data have been made public and we are obliged to erase them, we will take reasonable steps, including technical measures, to inform other controllers processing the data that the data subject has requested erasure.

e) Right to Restriction of Processing

The data subject has the right to request restriction of processing where:

  • The accuracy of personal data is contested

  • The processing is unlawful and the data subject opposes erasure

  • The controller no longer needs the data but the data subject requires them for legal claims

  • The data subject has objected and it is not yet clear whether legitimate grounds override

f) Right to Data Portability

The data subject has the right to receive personal data in a structured, commonly used, and machine-readable format and to transmit those data to another controller where processing is based on consent or contract and carried out by automated means.

g) Right to Object

The data subject has the right to object at any time to processing based on Art. 6(1)(e) or (f) GDPR.

If personal data are processed for direct marketing purposes, the data subject has the right to object at any time to such processing, including profiling related to direct marketing.

h) Automated Individual Decision-Making Including Profiling

The data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or significantly affects them, unless legally permitted or based on explicit consent.

i) Right to Withdraw Consent

Every data subject has the right to withdraw consent to the processing of personal data at any time. 

8. Legal Basis for Processing

Art. 6(1)(a) GDPR serves our company as the legal basis for processing operations for which I obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is party, as is the case for example with processing operations necessary for the supply of goods or the provision of services, the processing is based on Art. 6(1)(b) GDPR.

The same applies to processing operations necessary to carry out pre-contractual measures, for example in the case of inquiries about my products or services.

If my company is subject to a legal obligation which requires the processing of personal data, such as for compliance with tax obligations, the processing is based on Art. 6(1)(c) GDPR.

In rare cases, the processing of personal data may be necessary to protect vital interests of the data subject or another natural person. This would be the case, for example, if a visitor were injured on my premises and then information such as name, age, health insurance data, or other vital information had to be passed on to a doctor, hospital, or other third parties. In this case, the processing would be based on Art. 6(1)(d) GDPR.

Finally, processing operations may be based on Art. 6(1)(f) GDPR. This legal basis applies to processing operations not covered by any of the above legal bases, where processing is necessary for the purposes of legitimate interests pursued by our company or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject. Such processing operations are permitted in particular because they were specifically mentioned by the European legislator. In this respect, the European legislator took the view that a legitimate interest could be assumed if the data subject is a customer of the controller (Recital 47 sentence 2 GDPR).

9. Legitimate Interests Pursued by the Controller or a Third Party

Where the processing of personal data is based on Art. 6(1)(f) GDPR, our legitimate interest is the conduct of my business activities for the benefit of the well-being of all my employees and my shareholders.

10. Duration for Which Personal Data Are Stored

The criterion for the duration of storage of personal data is the respective statutory retention period. After the expiry of this period, the corresponding data are routinely deleted, provided they are no longer necessary for contract performance or for the initiation of a contract.

11. Legal or Contractual Requirements to Provide Personal Data; Necessity for Contract Conclusion; Obligation to Provide Personal Data; Possible Consequences of Failure to Provide Data

I inform you that the provision of personal data is partly required by law (e.g., tax regulations) or may result from contractual arrangements (e.g., information about the contracting party). In some cases, it may be necessary for a contract to be concluded that a data subject provides personal data which subsequently must be processed by me.

For example, the data subject is required to provide personal data if my company concludes a contract with them. Failure to provide the personal data would mean that the contract could not be concluded with the data subject.

Before the data subject provides personal data, the data subject must contact one of my employees. My employee will clarify on a case-by-case basis whether the provision of personal data is required by law or contract, or necessary for the conclusion of a contract, whether there is an obligation to provide the personal data, and what the consequences of not providing the personal data would be.

12. Existence of Automated Decision-Making

As a responsible company, I do not use automated decision-making or profiling.

Developed by the legal tech specialists Willing & Able, who also developed the system for electronic contract signing. The texts of the privacy policy generator were created by Prof. Dr. h.c. Heiko Jonny Maniero and attorney-at-law Christian Solmecke and published.