Data Privacy

Porsche Consulting GmbH

Thank you for visiting our website and for your interest in Porsche Consulting and our services. In order for you to feel safe and comfortable when visiting our website, we take the protection of your personal data and its confidential treatment very seriously.

With these notes on data protection, we would like to inform you about when we store which data and for what purpose we use it – of course in compliance with the applicable data protection regulations.

If you have any further questions regarding the handling of your personal data, please feel free to contact our Data Protection Officer, whose contact details you will find below.

 

1. Concept of personal data

Under the General Data Protection Regulation, personal data is any information relating to an identified or identifiable natural person (hereinafter the “data subject”). A natural person is regarded as identifiable if they can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Personal data includes, for example, your address, your telephone number or your date of birth.

 

2. Collection and processing of personal data at Porsche Consulting GmbH

We process your personal data for the following purposes and on the following legal basis:

 

2.1 Visit to our website

When you use the website purely for information purposes, i.e. you do not register or otherwise transmit information to us, we only collect the personal data that your browser transmits to our server. This data is technically necessary for us to display the website to you and to ensure its stability and security. The legal basis for this is Art. 6 para.1 lit. f GDPR. The data processing covers, in particular, the following data:

  • IP Adresse
  • Date and time of the request
  • Time zone difference from Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Access status/HTTP status code
  • The volume of data transferred in each case
  • Website from which the request originates
  • Browser
  • Operating system and its interface
  • Language and version of the browser software

In order to deliver certain content of our website to you quickly and efficiently, we use the “Content Delivery Network” (CDN) of the provider Prospect One (sp. z o.o., Królewska 65A/1, 30-081 Kraków, Poland). A CDN is a service that, with the help of regionally distributed servers, helps to deliver the content of our website more quickly. The user data is processed exclusively for these purposes as well as for the security and integrity of the systems, which also constitutes our legitimate interest within the meaning of Art. 6 para.1 lit. f GDPR.

Your data is transferred to servers within the EU; a transfer to a third country outside the EU/EEA is not envisaged.

 

2.2 Processing of customer data

We use the cloud-based CRM system Salesforce to manage our sales- and customer-related processes. The provider of the CRM system we use is salesforce.com Germany GmbH, Erika-Mann-Straße 31–37, 80636 Munich, Germany. The parent company is Salesforce Inc., Salesforce Tower, 415 Mission Street, San Francisco, CA 94105, USA.

Salesforce is a software solution that supports various sales- and customer-related processes, in particular contact management, opportunity management and lead management.

In this context, depending on the respective contact channel and the specific reason for the processing, we may process in particular the following personal data:

  • Master data (e.g. first name, last name and, where applicable, title)
  • Contact data (e.g. business e-mail address, telephone number)
  • Company-related data (e.g. company name, position, department)
  • Communication content (e.g. enquiries, notes on conversations, offer-related information)
  • Contract master data (e.g. contract number, term, notice period and type of contract)
  • Invoice data and revenue data 
  • Technical metadata and communication data (e.g. date and time of contact)

The data is stored in Salesforce and used there in particular for the structured processing of enquiries, the maintenance of customer and business contacts, and internal sales planning and management.

Legal Bases for Processing

Where the processing of your data serves the initiation or performance of a contract with you (e.g. responding to specific enquiries, preparing and conducting contract negotiations), the processing is carried out on the basis of Article 6 para.1 lit. b GDPR.

Where the processing is necessary to safeguard our legitimate interests or the legitimate interests of third parties, it is carried out on the basis of Article 6 para.1 lit. f GDPR. Our legitimate interests consist, in particular, of:

  • the efficient organization of customer, prospect and contact person data,
  • the structured follow-up of enquiries, leads and opportunities,
  • the planning and documentation of sales activities,
  • the evaluation and management of our sales activities through reports and dashboards.

Where we are subject to a legal obligation, the processing is carried out on the basis of Article 6 para.1 lit. c GDPR. This concerns, in particular, statutory control, documentation, retention and reporting obligations.

If you have given us your consent to the collection, processing or transfer of certain personal data, the processing of this data is carried out on the basis of Article 6 para.1 lit. a GDPR. This may be relevant, in particular, in the following cases:

  • Sending an e-mail newsletter
  • Personalised newsletter tracking
  • Market research (e.g. customer satisfaction surveys)
  • Marketing and advertising – creation of customer profiles
  • Publication of a customer reference (name and image)

Data Processing on Behalf and Third-Country Transfers

In this context, Salesforce generally acts as a processor within the meaning of Article 28 GDPR. We have concluded a corresponding data processing agreement with Salesforce.

Salesforce operates its services via globally distributed data centers and group companies. It therefore cannot be ruled out that personal data may also be transferred to third countries outside the EU or the EEA, in particular the USA, or accessed from there.

According to publicly available information, Salesforce is certified under the EU-US Data Privacy Framework. For corresponding data transfers to the USA, the adequacy decision of the European Commission pursuant to Article 45 GDPR may therefore apply. Further information on the EU-US Data Privacy Framework Program can be found on the official ITA website: https://www.dataprivacyframework.gov/s. Where no adequacy decision applies, the transfer is carried out, according to Salesforce, on the basis of appropriate safeguards pursuant to Article 46 GDPR.

Further information on data processing by Salesforce can be found at: https://www.salesforce.com/de/company/privacy/.

Use of LinkedIn Sales Navigator in Connection with Salesforce CRM

As part of our CRM system, we also use the professional network LinkedIn, in particular LinkedIn Sales Navigator, to identify potential business partners, maintain existing contacts and document communication and contact histories.

For this purpose, selected contact and profile data from LinkedIn Sales Navigator – insofar as such data is accessible to us there in the context of a business contact – may be imported into our Salesforce CRM, consolidated there and linked with information already held about companies and contact persons.

In particular, the following personal data may be processed:

  • Master data (e.g. name, academic degree, professional position/function, company affiliation)
  • Business and contact data (e.g. business e-mail address, business telephone number, business address, LinkedIn profile URL)
  • Profile data from LinkedIn, insofar as it is publicly visible in a professional context (e.g. career history, industry, interests in a business context)
  • Communication and interaction data (e.g. information about contact initiation, message histories, notes, status in the sales process, such as lead, opportunity or customer)
  • Assignment to companies, projects, products or sales opportunities

The personal data originates from publicly accessible professional profiles and information, in particular on LinkedIn (LinkedIn Sales Navigator), from existing business relationships and from previous communication with you or your company.

The processing is carried out on the basis of Article 6 para.1 lit. f GDPR. Our legitimate interest lies in the efficient and targeted contacting of contact persons in a business environment, the maintenance of customer and prospect relationships, and the documentation of sales activities. Where the processing is connected with the initiation or performance of a contractual relationship with you, Article 6 para.1 lit. b GDPR may additionally apply.

You may object to the processing at any time without formal requirements by contacting our Data Protection Officer. In addition, you can control or restrict the visibility and use of your personal data within your LinkedIn profile via LinkedIn’s privacy settings. Further information can be found at: https://www.linkedin.com/mypreferences/d/categories/account.

For the use of LinkedIn, LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland, is the controller within the meaning of the GDPR. We have no influence over data processing carried out by LinkedIn itself. Further information on data processing by LinkedIn can be found at: https://de.linkedin.com/legal/privacy-policy.

Processing of Customer Data with Altify Insights

Within our CRM system, we also use Altify Insights, a software solution integrated into Salesforce for the structured presentation and visualization of customer relationships, contact persons and sales-related information. The provider of the service is Altify LLC, 10100 Santa Monica Blvd, Suite 1400, Los Angeles, CA 90067, USA.

Altify Insights is used to display contact and relationship structures, provide an overview of contact person roles and visualize sales-related information in the context of existing or prospective business relationships. Altify itself does not independently analyse or evaluate personal data. The information displayed in Altify Insights is maintained exclusively manually by our employees.

In this context, the following personal data may be processed in particular:

  • Master data of contact persons (e.g. first name, last name and, where applicable, title)
  • Contact data (e.g. business e-mail address, telephone number)
  • Company-related data (e.g. company name, position, department)
  • Information on business relationships and contact person roles
  • Communication and sales-related information (e.g. conversation notes, responsibilities, contact person constellations, information on enquiries, opportunities and customer needs)

The processing is carried out on the basis of Article 6 para.1 lit. f GDPR. Our legitimate interest consists, in particular, in the efficient organization and visualization of customer and contact person structures, internal sales planning, and the structured follow-up of business relationships.

In this context, Altify generally acts as a processor within the meaning of Article 28 GDPR. We have concluded a corresponding data processing agreement with Altify.

Since Altify LLC is located in the USA, it cannot be ruled out that personal data may be transferred to and processed in the USA, or accessed from there. For these cases, we have concluded corresponding EU Standard Contractual Clauses (EU SCCs) with Altify.

Further information on data processing by Altify can be found at: https://altify.com/privacy-policy/.

 

2.3 Contact form

You have the option of contacting us via our e-mail address or the contact form. In this respect, the legal basis is our legitimate interest in answering your enquiry pursuant to Art. 6 para.1 lit. f GDPR.

Insofar as we request entries via our contact form that are not necessary for making contact, we have always marked these as optional. This information helps us to specify your enquiry and to handle your request more effectively. The provision of this information is expressly on a voluntary basis and with your consent. Insofar as this concerns information on communication channels (for example e-mail address, telephone number), you also consent to us contacting you via this communication channel where necessary in order to answer your request. Insofar as you provide information that has been marked as optional, the legal basis for the processing is your consent pursuant to Art. 6 para.1 lit. a GDPR.

You can withdraw this consent at any time with effect for the future. For this purpose, please contact our Group Data Protection Officer, whose contact details you will find below.

 

2.4 Surveys

As our client, you may be asked to participate in satisfaction surveys or surveys conducted within the scope of project execution. For this purpose, we use the software solution “LamaPoll” provided by Lamano GmbH & Co. KG, Prenzlauer Allee 36G, 10405 Berlin.

When you take part in a survey, you are redirected to the provider's website. Please observe the provider's data protection information in this regard.

The surveys are generally possible anonymously. The provision of personal data within the scope of such a survey is always optional. Insofar as you decide to voluntarily provide information about yourself, such personal data is processed on the basis of your consent pursuant to Art. 6 para.1 lit. a GDPR. You can withdraw this consent at any time, without giving reasons, with effect for the future. Please send your withdrawal to the contact addresses given below.

 

2.5 Telephone contact

Insofar as we contact you by telephone for an initial approach, we have either generated your data from public sources or we use the information that you have provided to us. The legal basis is our legitimate interest, Art. 6 para.1 lit. f GDPR. Our interest in carrying out the initial telephone contact outweighs the interest of the data subjects, since we approach exclusively B2B clients via contact channels obtained from public sources and the contact relates to specific matters in connection with the data subject's business activity. During the initial telephone contact, we merely ask whether there is an interest in being contacted and do not yet provide extensive information about our services.

 

2.6 Advertising to existing customers by Porsche Consulting GmbH

If we receive your e-mail address and postal address within the scope of an engagement, we may use this data to inform you henceforth by e-mail and by post about our own similar product and service offerings. Should you not wish to receive any further advertising information by e-mail or post, you can object to the use of your contact data for advertising purposes at any time with effect for the future, without incurring any costs other than the transmission costs according to the basic tariffs. You can send your objection to the contact addresses given below.

 

2.7 Information about events, news, etc.

Among other things, you can subscribe on our website to regular information from Porsche Consulting GmbH and its affiliated foreign companies about events, news and projects, as well as about current developments and opportunities for cooperation. The legal basis for sending the information is your consent pursuant to Art. 6 para.1 sentence 1 lit. a GDPR in conjunction with Sec. 7 para.2 no. 3 of the German Act Against Unfair Competition (UWG), or the statutory permission pursuant to Sec. 7 para.3 UWG.

For registration, we use the so-called double opt-in procedure. This means that, after your registration, we send an e-mail to the e-mail address you have provided, in which we ask you to confirm that you wish to receive information from us. If you do not confirm your registration, your information is automatically deleted after 3 days.

The only mandatory information is data concerning the form of address, your company affiliation and your e-mail address. The provision of further data is voluntary. All data is used so that we can address you personally. After your confirmation, we store your e-mail address for the purpose of sending information until you withdraw your consent. We also store your IP address current at the time of registration, the time of registration and the confirmation for up to three years after registration (limitation period). The purpose of this procedure is to be able to prove your registration in case of doubt and, if necessary, to clarify any misuse of your personal data. The legal basis for logging the registration is our legitimate interest pursuant to Art. 6 para.1 sentence 1 lit. f GDPR in proving consent that was previously given; see also Art. 7 para.1 GDPR.

You can withdraw your consent to receive regular information and unsubscribe at any time. You can declare your withdrawal either by clicking the link provided in our e-mails or by e-mail to the contact details given below.

 

2.8 Applications

You can apply online at Porsche Consulting via our application portal. Your online application is forwarded directly to the HR department via an encrypted connection and is of course treated confidentially. We will use your details exclusively for processing your application and will not pass them on to third parties outside the Porsche Group (Sec. 26 para.1 of the German Federal Data Protection Act, BDSG). If you have applied for a specific position and it has already been filled, or if we consider you to be equally or even better suited for another position, we will forward your application within the Group with your consent. Your personal data is deleted immediately upon completion of the application procedure, or after a maximum of 6 months, unless you have expressly given us your consent for longer storage of your data. For further information on data processing within the scope of the application procedure, please refer to the data protection declaration of our application portal. Please note that we offer the applicant portal exclusively for applications. Should you nevertheless apply to us by e-mail, we expressly point out that e-mail attachments are not encrypted.

 

2.9 Data processing at trade fairs

If you provide us with your contact data at a trade fair, for example by giving us your business card, we record this data in our client data system. We use your data to contact you as requested, to build a business relationship or to send you information material (Art. 6 para.1 lit. a, b and f GDPR).

 

2.10 Customer satisfaction surveys

We want our customers to be satisfied with our services and to derive the greatest possible benefit from them. In order to find out whether our consulting meets your ideas and expectations, we conduct a satisfaction survey up to twice within the scope of a project. For this, an e-mail with a request to take part in the survey on the specific project is sent to the main contact person. To process the survey, we use the contact person's first and last name, organizational affiliation, function and e-mail address. The personal data is processed exclusively for carrying out the customer satisfaction survey. You can object to the processing of the data at any time with effect for the future. A corresponding link can be found in every e-mail; alternatively, the objection can be sent at any time to our Data Protection Officer at the contact details given below. The legal basis for carrying out the customer satisfaction survey is Article 6 para.1 lit. f GDPR in conjunction with Sec. 7 para.3 UWG.

 

2.11 Adobe Sign

For the digital signing of contracts and documents, we use the software Adobe Sign provided by Adobe Systems Software Ireland Limited, with its registered office at 4-6 Riverwalk, City West Business Campus, Saggart D24, Dublin, Ireland (“Adobe Sign”). For this purpose, Adobe Sign processes the data you enter when using the service, usage data of your device, and transaction-related data. Adobe Sign stores all personal data on servers within the EU. The legal basis is Art. 6 para.1 lit. b and f GDPR. Further information on data processing by Adobe Sign can be found in Adobe's privacy center.

 

2.12 Microsoft Teams session recording and transcription

Insofar as you have given your consent, Microsoft Teams sessions can be transcribed and/or recorded. Microsoft Teams is part of the Microsoft Office 365 Cloud and is provided by Microsoft Ireland Ltd., One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland.

Transcription

The transcription function of Microsoft Teams converts spoken words into text in real time using artificial intelligence. It uses meeting invitations, participant names and attachments to identify technical terms. Microsoft guarantees that no third-party access occurs, that the AI models are removed after each meeting, and that the data is neither used to improve its own AI nor stored.

The transcription serves to document spoken content and enables the automated transcription of agreements and work results. If a Microsoft Teams session is transcribed, Microsoft automatically processes the following personal data of the participants:

  • Names of participants
  • Attachments
  • Speech / audio
  • Image / video
  • Chat histories

The transcript is stored by the organizer on internal IT systems.

Video and audio recording

Furthermore, a Microsoft Teams session can also be carried out as a video and audio recording with your explicit consent. The recording may include the following content:

  • Spoken contributions (audio)
  • Camera images of participants (video)
  • Screen sharing
  • Chat messages
  • Shared content (e.g. presentations, files)

The recording serves exclusively the purpose stated in the invitation (e.g. documentation, internal follow-up, training) and is only carried out with your prior consent. In addition, you are notified of the ongoing recording by a system message at the beginning of the session.

The data processing particularly affects:

  • Employees
  • Customers
  • Other external participants

The personal data processed in an MS Teams transcription and/or video recording relates to the individuals participating in the meeting through their presence. The processing of personal data within the scope of the transcription and/or video recording is based on your consent pursuant to Art. 6 para.1 sentence 1 lit. a GDPR. You can withdraw your consent at any time with effect for the future. The data processing is carried out by Microsoft Corporation, based in the USA. Microsoft is certified under the EU-U.S. Data Privacy Framework, so that an adequacy decision of the European Commission pursuant to Art. 45 GDPR exists for data transfers to Microsoft. You can view the current certification status at the following link: https://www.dataprivacyframework.gov/s/.

The data is deleted by the organizer once the purpose has been achieved. In any case, deletion takes place if the data is no longer required for operational purposes and after expiry of the commercial and tax retention obligations. Further data protection information about Microsoft Teams can be found at: https://learn.microsoft.com/en-us/microsoftteams/teams-privacy.

 

2.13 Operation of joint systems

With regard to processing within the scope of intra-group administration and division of labour through centralized systems, IT security and administration, and the provision of individual services, Porsche AG (Dr. Ing. h.c. F. Porsche AG, Porscheplatz 1, 70435 Stuttgart) and certain group companies of Porsche AG are joint controllers. In this respect, Porsche AG and the respective group companies jointly determine the purposes and means of the processing of personal data.

In an agreement on joint controllership pursuant to Article 26 GDPR, Porsche AG and the respective group companies have determined how the respective tasks and responsibilities in the processing of personal data are structured and who fulfils which data protection obligations. In particular, it has been determined how an appropriate level of security and your data subject rights can be ensured, how the data protection information obligations are jointly fulfilled, and how potential data protection incidents can be monitored. This also includes ensuring that reporting and notification obligations are met.

Porsche AG is available to you as a central point of contact. However, you can also assert your rights regarding the processing under joint controllership vis-à-vis a jointly responsible group company. Within the meaning of the aforementioned agreement pursuant to Article 26 GDPR, coordination takes place between Porsche AG and the relevant group companies in order to answer your enquiry and to safeguard your data subject rights.

Further information about the participating group companies can be found at https://www.porsche.com/international/legal/privacy/.

 

3 Cookies and website optimization tools

Within the scope of improving our website, optimizing the user experience and evaluating visitor numbers, we use various cookies and tools. This only takes place if you have given us your consent pursuant to Art. 6 para.1 lit. a GDPR. Further information on the cookies and website optimization tools used can be found in our Cookie Policy, which can also be accessed from the cookie consent manager.

 

4 Social bookmarks

So-called social bookmarks (e.g. from Facebook and Xing) are integrated on our website. Social bookmarks are Internet bookmarks with which the users of such a service can collect links and news items. On our website, these are only embedded as links to the corresponding services. After clicking on the embedded graphic, you are redirected to the page of the respective provider, i.e. only then is user information transferred to the respective provider. For information on the handling of your personal data when using these websites, please refer to the respective data protection provisions of the providers.

 

5 Recipients and categories of recipients

In order for Porsche Consulting GmbH to be able to process your data in accordance with the purposes described above, your personal data is in some cases also viewed and processed by other recipients.

 

5.1 Recipients within the Porsche Group

In special cases, it may be necessary for us to process your data group-wide. However, data processing within the Porsche Group only takes place if we have a legal permission to do so. This is the case, for example, if other companies within the Group act for us within the scope of processing on our behalf, if there is a legitimate interest pursuant to Art. 6 para.1 lit. f GDPR, if we are legally obliged to disclose the data, or if you have given your express consent.

 

5.2 External service providers (processors)

Your data is passed on to service partners insofar as they act on our behalf and support Porsche Consulting GmbH in providing its services. The processing of your personal data by commissioned service providers takes place within the scope of processing on our behalf pursuant to Art. 28 GDPR. We have concluded data processing agreements, for example, in the following areas:

  • IT hosting, maintenance and support
  • Hosting service providers
  • Mailing and dispatch service providers
  • Call answering service providers

Service providers used in this way only receive access to such personal information as is necessary for the performance of the respective activity. These service providers are prohibited from passing on your personal information or using it for other purposes, in particular for their own advertising purposes.

 

5.3 Other service providers, partners and third parties

Porsche Consulting GmbH may cooperate with other partners where this is necessary to fulfil our service offerings or where we are legally obliged to disclose data. These may be the following partners or third parties:

  • Credit institutions and payment service providers
  • Credit checks
  • Disclosure to public authorities or by court order
  • Agencies

 

6 Data deletion and storage period

The personal data of the data subject is deleted or blocked as soon as the purpose of storage ceases to apply. Storage may also take place beyond this if it has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the controller is subject. The data is also blocked or deleted if a storage period prescribed by the aforementioned norms expires, unless there is a need for further storage of the data for the conclusion or performance of a contract.

 

7 Data processing outside the EU / EEA

We attach importance to processing your data within the EU. However, it may happen that we use service providers that operate outside the EU. In these cases, we have the service providers assure us that an adequate level of data protection is established before your personal data is transferred. This means that, by means of EU Standard Contractual Clauses or an adequacy decision, a level of data protection is achieved that is comparable to the standards within the EU.

 

8 Data security

Porsche Consulting uses technical and organizational security measures to protect your data managed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons. Our security measures are continuously improved in line with technological developments.

 

9 Rights of Data Subjects

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller.

Insofar as your personal data is processed within the scope of joint controllership, you can assert the following rights vis-à-vis any responsible company of the Group. Where joint controllership exists, we point this out separately in the respective data protection declarations. An overview of the jointly responsible companies and their contact details can be found at: https://www.porsche.com/international/legal/privacy/.

Right of access pursuant to Article 15 GDPR

You can request confirmation from us as to whether personal data concerning you is being processed by us. If we have processed data concerning you, you are entitled to the further rights of information set out in Article 15 GDPR.

Right to rectification

If the data we have collected about you is incorrect or incomplete, you can request its immediate rectification from us pursuant to Article 16 GDPR.

Right to restriction of processing

Under the conditions of Article 18 GDPR, you may, in certain circumstances, also request the restriction of the processing of the personal data concerning you. After the restriction, your data may only be processed with your consent or for the assertion, exercise or defence of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of an important public interest of the Union or of a Member State. We will inform you before the restriction is lifted.

Right to erasure

If one of the reasons set out in Article 17 para.1 GDPR applies, you can request us to erase the personal data concerning you without undue delay, unless an exception to the erasure obligation pursuant to Article 17 para.3 GDPR applies.

Right to notification

If you have asserted the right to rectification, erasure or restriction of processing vis-à-vis us, we are obliged pursuant to Article 19 GDPR to notify all recipients of your personal data of this, unless the notification proves impossible or involves a disproportionate effort. You also have the right to be informed about the recipients. Vis-à-vis the controller, you have the right to be informed about these recipients.

Right to data portability

In addition, pursuant to Article 20 GDPR, you have the right to receive the personal data concerning you from us in a machine-readable format and to transmit the data to another controller without hindrance, provided that the conditions of Article 20 para.1 lit. a GDPR are met, or to obtain that your personal data be transmitted directly by us to another controller, insofar as this is technically feasible and no freedoms and rights of other persons are impaired as a result. This right does not apply to the processing of personal data that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority.

Right to object

You have the right at any time to object to the processing of the personal data concerning you carried out pursuant to Art. 6 para.1 lit. f GDPR, by lodging an objection with Porsche Consulting GmbH. We will no longer process your personal data unless there are compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the assertion, exercise or defence of legal claims.

Right to withdraw consent 

You have the right to withdraw any consent you have given at any time with effect for the future by notifying Porsche Consulting GmbH. The withdrawal of consent does not affect the lawfulness of processing carried out on the basis of consent before its withdrawal.

 

10 Changes to the privacy policy

This data protection declaration is continuously updated in the course of the further development of the Internet or of our offering. Changes will be announced on this page in due time. This page should be consulted on a regular basis in order to obtain information about the current status of our data use provisions.

 

11 Trusted Information Security Assessment Exchange (TISAX®)

Porsche Consulting GmbH is a participant in the TISAX® program. Our TISAX® scope ID is SNV4P8, and the assessment ID is A8RGZ9-1.

The assessment objectives include:

  • Data protection pursuant to EU GDPR Art. 28 (“Processor”)
  • Data protection involving special categories of personal data
  • Confidential
  • Strictly Confidential

A TISAX® assessment has been conducted for several locations of Porsche Consulting GmbH.

Download assessment overview

TISAX® and the TISAX® assessment results are not intended for the general public. The results are available exclusively via the ENX portal. For more information about TISAX®, please visit https://enx.com/tisax. TISAX® is a registered trademark of the ENX Association.

 

Data Protection Officer

Porsche Consulting GmbH
Data Protection Officer
Siemensstraße 6
70469 Stuttgart
E-mail: datenschutz@porsche-consulting.com

 

Contact details of the controller

Porsche Consulting GmbH
Siemensstraße 6
70469 Stuttgart
Germany
Tel: (+49) 0711 911-1 20 01
E-Mail: kontakt@porsche-consulting.com

Represented by the Managing Directors:
Eberhard Weiblen, CEO
Dr. Joachim Lamla

Ready for Change?

Go for it!

Contact
chevron chevron