Privacy Policy

This Privacy Policy clarifies the nature, scope and purpose of how we process personal data (hereinafter referred to as „data“) in connection with our online services, the features and contents of our related websites as well as our online presence e.g. our social media profile (hereinafter referred to as „online services“).  With regard to the terminology used e.g. „processing“ or „controller“ we refer to the definitions in Article 4, GDPR. 


Bertschat & Hundertmark Consult Unternehmensberatung GmbH

Bernhard Bertschat
Thomas Hundertmark
Manfred Bertschat
Data Protection Officer: Torsten Walla

Lessingstraße 10
61231 Bad Nauheim

Tel.: +49 (0)6032 92670 0

Site Notice


Types of Data:

  • General records (e.g. names, addresses).
  • Contact information (e.g. email addresses, telephone numbers).
  • Content data (e.g. text, CV’s, photographs, charts, videos etc. held in the closed, password protected B&H career portal).
  • Usage data (e.g. websites visited, content interest, login/out times).
  • Network/communication data (e.g. device information, IP addresses).


Concerned Parties

Visitors and users of our online services (hereinafter referred to as „users“ or „data subjects“)


Purpose for Processing

  • The provision of online services, features and contents.
  • Answering requests and communicating with users.
  • Security measures.
  • Evaluation/marketing.


 Clarification of Terms

„Personal data“ means any information that can be related to an identified or identifiable individual (hereinafter the „data subject“); this person is one who can be identified directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that individual.

 „Processing“ means any form of processing whether or not by automated means with reference to personal data. This terminology is extensive and covers virtually all data handling.

„Controller“ means the individual or legal entity, public authority, agency or another body that either alone or jointly with others, determines the purposes and means of the processing of personal data.


Relevant Legal Statutes

We hereby inform you that data is processed in accordance with Article 13, GDPR.  The following laws apply unless otherwise declared: the legal basis for obtaining consent is found in  Article 6, Paragraph 1(a) and  Article 7, GDPR; the legal basis for processing and performing services, the performance of contracts and responses to enquiries is found in Article 6 Paragraph 1(b), GDPR; the legal basis for processing data to fulfill our legal obligations is found in Article 6 Paragraph 1(c), GDPR and the legal basis for processing in order to protect our legitimate interest is found in Article 6 Paragraph 1(f), GDPR.  Article 6 Paragraph 1(d), GDPR applies where processing of the data is necessary to protect the vital interests of the data subject or another individual.


Working with Processors and Third Parties

If in the course of data processing, we disclose, transmit or grant access of data to other people and companies (processors or third parties) this will only occur on the basis of legal permission or an obligation, (e.g. a financial service provider in order to fulfill contractual obligations, in accordance with Article 6, Paragraph 1(b), GDPR for the performance of a contract), if the user has consented or on the basis of our legitimate interest (e.g. the use of agents, webhosts etc.).

If third parties are commisioned to process data on the basis of a so-called „Processing Contract“ then Article 28, GDPR will apply.


Data Transfer outside the EU/EEA

If we process data, or transfer and disclose data to a third party service provider in a country outside the EU (Economic Union) or EEA (European Economic Area), this occurs only in the case of fulfilling our contractual duties, on the basis of a legal obligation, consent from the user or on the basis of our legitimate interest. Special legal and contractual conditions apply to our processing or allowing data to be processed in these countries and  Article 44, GDPR applies. This means that the processing is carried out under specific guarantees such as the officially recognised EU data protection laws (or, for example, the Privacy Shield Agreement in the USA) or in compliance with other officially recognised contractual obligations (so-called „Standard Contractual Clauses“).


Data Subject Rights

You have the right to obtain confirmation as to whether or not your data is being processed, the nature and to access a copy of said data and further information under Article 15, GDPR.

You have the right under Article 16, GDPR to obtain the rectification of personal inaccurate data and the right to have incomplete personal data completed.

Under Article 17, GDPR, you have the right to obtain the erasure of personal data and you have the right to obtain the restriction of processing personal data under Article 18, GDPR.

You have the right to receive and transmit personal data to another controller under Article 20, GDPR.

Under Article 77, GDPR, you have the right to lodge a complaint with a Regulatory Supervisory Authority.


Right to Withdraw

You have the right under Article 7, Paragraph 3, GDPR to withdraw consent at any time.


Right to Object

Under Article 21, GDPR you have the right to object, at any time, to the processing of personal data when processed for the purposes of direct marketing activity.


Cookies and the Right to block Direct Marketing Activity

„Cookies“ are small files stored on the user’s computer.  A range of information can be stored on these cookies. In the main, they are used to store information about the user (e.g. the device the cookies are stored on) during and/or also after the user’s visit to an online service site.  Temporary cookies such as „session/transient cookies“ are those that are deleted when the user leaves the online service site and closes the browser. In such a cookie,  the contents of a shopping basket in an online shop or login information can be stored.  „Permanent/persistent“ cookies remain saved when the browser has been closed. Therefore, login information remains if the user visits the site several days later. In the same way, information about the user’s interest in the site can be stored for audience measurement and marketing purposes. „Third-Party-Cookies“ are those offered by different service providers to the controller (to whom „First-Party Cookies“ refer).

We hereby clarify under the terms of our privacy policy, that we may use temporary cookies.

If the user does not wish cookies to be saved then they will be asked to disable the option on the browser settings. Cookies saved can be deleted in the brower settings. However, this may lead to reduced functionalities of online services.

Cookies used for online marketing purposes, especially tracking, can be blocked by a range of methods explained either on the US website or the EU website Furthermore, cookies can be switched off but this may lead to reduced functionalities of the online service.


Data Deletion

According to Articles 17 & 18, GDPR, data stored by us will either be deleted or processing will be restricted. Unless explicitly stated to the contrary, data will be deleted when it is no longer required and as long as there are no legal requirements to keep it. If data is not deleted due to the need to retain it for other and legally permitted purposes, processing will be be restricted. This means that the data will be blocked and not used for other purposes. This relates, for example, to data that has to be kept for commercial or tax purposes.  


Web Hosting

In order to provide online services, we use hosting providers for the following: infrastructure and platform services, computer capacity, storage and database services, security and technical maintenance services.

Here, we and/or our hosting service provider process a range of inventory, contact, content, usage and statistical communication data from clients, interested parties and visitors. This processing is necessary for the purpose of our legitimate interest in providing a safe and efficent online service according to Article 6, Paragraph 1(f), GDPR in conjunction with Article 28, GDPR.


Collection of Data and Logfiles

We and our hosting provider, for the purpose of our legitimate interest, collect server access information as authorised under Article 6, Paragraph 1(f), GDPR. This information includes the following:

  • Browser type/version
  • Operating system
  • Referrer URL
  • Host ID
  • Time of request

The information obtained is not person-specific. The data will not be merged with other data sources. However, we reserve the right to check data retrospectively if we have concrete evidence of illegal activities.


Contact with B&H

When making contact with us (e.g by phone, email, social media, contact form), your information will be processed according to Article 6, Paragraph 1(b), GDPR. The data may be stored in the Customer Relationship Management System („CRM System“) or that of a similar service provider.

We will delete the requests when no longer required.



Please find below information about the content of our newsletters as well as registration, dispatch and statistical evaluation procedures together with your rights to opt out. By subscribing to our newsletter you declare yourself in agreement with our terms.

Content: We send newsletters, emails and additional electronic news with advertising information about our area of business – „Conflict free HR Restructuring“ (hereinafter referred to as „newsletter“). This is only sent with the permission of the recipient or with legal permission. The content of the newsletter is available for you to use. In addition, the newsletter contains information about us and our services.

Double-Opt-In and login procedure: subscription to our newsletter works by means of a double-opt-in process. Therefore, following registration, you will receive an email asking you to comfirm your subscription. This confirmation serves to ensure that an individual with another email address cannot register on your behalf and this confirmation will be logged. It verifies that the process has been carried out according to legal requirements. The registration, time of confirmation and the IP address will be stored.

In order to subscribe to our newsletter, we simply require your email address.

Germany: The dispatch of newsletters and related success measurement is based on either the consent of the recipient under Article 6, Paragraph 1(a), GDPR , Article 7, GDPR in conjunction with § 7 (2) Nr. 3 UWG or in the case of legal permission § 7 (3) UWG.

The registration process is logged for the purpose of our legitimate interest, in accordance with Article 6, Paragraph 1(f), GDPR. Thus, the newsletter system is user-friendly, secure and serves the interests of the client. It also serves our business interests whilst fulfilling the user’s expectations – and is sent with the user’s express permission.

Cancellation – you may cancel your subscription to our newsletter at any time. You will find a link at the bottom of each newsletter.  We may store email addresses of cancelled subscribers. A request to cancel your subscription will only be successful if that subscription has been previously confirmed.


Newsletter – Success Measurement

The newsletter contains a web beacon – a transparent image file (GIF) that runs when the newsletter is opened. Initially, information of a technical nature – the browser/system, the IP address and time of opening is gathered.

This data is used to make technical improvements to our service based on the information, the audience, their reading habits, location (from the IP address) or time of access.  Statistics will also show if the newsletter was opened, when and which links were clicked.  Technically this information can identify specific recipients. However, it is not our objective to observe individual users.  The results allow us to understand our users‘ reading habits better and thereby to target our contents more specifically to them.


Live Chat Function

This website utilises Userlike, a Live-Chat Software programme of Userlike Ltd, Probsteigasse 44-46, 50670 Cologne, Germany. Userlike uses cookies, text files that will be stored on your computer to enable you to have a personal conversation in the form of a real-time chat.  Data collected will not be used to identify visitors; neither will it be used to ascertain information about the psuedonymous owner. Information on Userlike‘s privacy policy can be found on:


Online Social Media Activity

We are actively present online on social networks and platforms in order to keep in contact with clients, interested  parties and users and to let them know about our services.  Terms, conditions and data processing guidelines of the individual operators apply.

Unless otherwise stated in our Privacy Policy, we process data if the user communicates with us through these networks and platforms, e.g. posts on our online services or messages received.


Service Integration and Third Party Contents

Based on our legitimate interest (the analysis, optimisation and provision of an online business service within the meaning of  Article 6, Paragraph 1(f), GDPR) we make use of content or services from third party providers including, for example, videos or fonts (hereinafter referred to as „contents”).

This is always based on the assumption that the third party of this content has the IP address as it would not be possible to communicate with the user’s browser without it. We strive to ensure that only these contents are transferred by such third parties. Pixel-tags (invisible files, also known as „web beacons“) may be used by third parties for statistical or marketing purposes.  By this means, visitor traffic information can be analysed. This pseudonymous information can also be stored in cookies on the user’s device and may additionally include (but is not limited to) technical information about the browser/system, referrer websites, time of visit, plus additional  information relating to the use of our online services and from other sources.


Google Maps

We have incorporated maps from the service provider „Google Maps” of  Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google privacy policy: Opt-Out:


Google Fonts

We have incorporated fonts („Google Fonts“) from the service provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google privacy policy: Opt-Out:



The features and services of XING plc, Dammtorstraße 29-32, 20354 Hamburg, Germany can be integrated with our online services.  Content can include images, videos and text employed  by users to promote their services and for subscription purposes. If the user is a member of the Xing platform, the latter can assign those contents to the user’s profile. Xing privacy policy:



The features and services of LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA  can be integrated with our online services.  Content can include images, videos and text employed  by users to promote their services and for subscription purposes. If the user is a member of the LinkedIn platform, the latter can assign those contents to the user’s profile.  LinkedIn privacy policy: LinkedIn is a certified member of the Privacy Shield Agreement and complies with European privacy legislation.( ). LinkedIn opt-out:


© Bertschat & Hundertmark Consult Unternehmensberatung GmbH

Lessingstrasse 10
61231 Bad Nauheim / Germany
T: +49 (0)6032 92670 0
F: +49 (0)6032 92670 99

Follow us:
  • XING
Diese Website nutzt Cookies, um bestmögliche Funktionalität bieten zu können. Mehr Infos