When you visit this website, your personal data will be processed. Personal data is all data with which you can be personally identified. The following information explains which data we collect and for what purpose. For detailed information on the subject of data protection, please refer to our data protection declaration listed below this text.
Data processing on this website is carried out by the website operator. You can find the operator's contact details in the legal notice of this website.
On the one hand, your data is collected when you provide it to us voluntarily. This may, for example, be data that you transmit to us as part of an application.
On the other hand, data is automatically collected by our IT systems when you visit this website. This is primarily technical data, e.g. internet browser, operating system type and version, time of access and IP address.
Some of the data is collected to ensure the error-free provision of the website and the security of our website.
Another part of the data may be used to analyze your usage behavior and to statistically evaluate your interests.
You have the right to receive information free of charge at any time about the purpose, the categories of personal data processed, the recipient, the duration of storage and the origin of the data stored about you. You also have the right to request the rectification of inaccurate data and/or the erasure or restriction of processing. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
The operator of this website takes the protection of your personal data very seriously. We treat your personal data with the utmost confidentiality and in accordance with the statutory data protection regulations and this privacy policy.
We would like to point out that data transmission over the Internet (e.g. when communicating by email) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.
The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data. The controller responsible for data processing on this website is
SUSTAYNR GmbH (i.G.)
c/o H&Z Unternehmensberatung AG
Max-Joseph-Straße 6
80333 Munich
E-mail: team@esg-score.org
Many data processing operations are only possible with your express consent. You can withdraw your consent at any time. All you need to do is send us an informal e-mail. Your withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
If you believe that the processing of your personal data violates data protection regulations, you have the right to lodge a complaint with the competent supervisory authority.
As a rule, you can contact the supervisory authority at your usual place of residence or workplace or at the registered office of our law firm (Bavarian State Commissioner for Data Protection and Freedom of Information). A list of the state data protection officers and their contact details can be found at the following link:
Addresses and links
You also have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a structured, commonly used and machine-readable format. If you request the direct transfer of the data to another controller, this will only take place if it is technically feasible.
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as requests that you send to us as the site operator, in compliance with data protection regulations pursuant to Art. 32 GDPR. You can recognize an encrypted connection on the one hand by the fact that the address line of the browser changes from "http://" to "https://" and on the other hand by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
When you visit our website, your surfing behavior can be statistically evaluated. This is done in particular through the use of cookies and with so-called analysis programs. The analysis is carried out anonymously so that the surfing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. Detailed information can be found in the following privacy policy.
If we transfer data to third countries, i.e. countries outside the European Union, the transfer takes place exclusively in compliance with the legal requirements. If the transfer of data to a third country does not serve to fulfill our contract with you, we do not have your consent, the transfer is not necessary for the assertion, exercise or defense of legal claims and no other exception under Art. 49 GDPR applies, we will only transfer your data to a third country if an adequacy decision pursuant to Art. 45 GDPR or suitable guarantees pursuant to Art. 46 GDPR exist. One of these adequacy decisions is Commission Implementing Decision (EU) 2016/1250 of 12.07.2016 on the so-called "EU-US Privacy Shield" for the USA. For transfers to companies that are certified under the EU-US Privacy Shield, the level of data protection is generally considered adequate within the meaning of Art. 45 GDPR.
You have the right to request information free of charge at any time about your personal data processed and stored by us, the purposes of the data processing, the categories of personal data processed, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information on its details. To exercise your rights, you can send an email to team@esg-score.org at any time.
We hereby object to the use of the contact data published in the legal notice for sending unsolicited advertising and information material. In the event of the unsolicited sending of advertising information, such as spam e-mails, the operator of the site reserves the right to take legal action.
The provider of the website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us when you visit the website. These are
These files are not merged with other data sources.
The basis for data processing is Art. 6 para. 1 lit. b, f GDPR, which permits the processing of data for the fulfillment of a contract or a pre-contractual measure, as well as for the protection of legitimate interests. The legitimate interest here is the technically error-free and optimized provision of our services for you.
If you contact us by email, telephone or directly, we will store and process your request, including all personal data resulting from it (name, contact details, request itself) for the purpose of processing your request. We will not pass on this data without your consent.
The processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR if your request is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on your consent pursuant to Art. 6 para. 1 lit. a GDPR and/or on our legitimate interest pursuant to Art. 6 para. 1 lit. f. GDPR, as we have a legitimate interest in the effective processing of the requests addressed to us. You can revoke this consent at any time. All you need to do is send us an informal email. Your withdrawal will not affect the lawfulness of processing based on consent before its withdrawal.
The data you send to us via contact requests will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies, e.g. due to the completed processing of your request. Mandatory statutory provisions - in particular retention periods - remain unaffected.