Impressum, Privacy
& Terms of use


www.handandheart.eu, www.hospohotline.com, www.supercooltoxicworkplace & www.handandheart.shop is operated by

Hand & Heart GmbH

Business & Legal address: Reuterstrasse 80, 12053 BERLIN

Geschäftsführer: Kathleen Bailey

Contact: hello@handandheart.eu

Register code: Amtsgericht Berlin (Charlottenburg) HRB 228961 B

Accounting Enquiries: admin@handandheart.eu
Umsatzsteuer-ID / Sales tax identification number according to §27a sales tax law: DE309335490

 

Data Privacy Statement for Business Partners, Suppliers and other Third Parties


Throughout this privacy statement “Hand & Heart,” “H&H,” “we,” “us,” and “our” means Hand & Heart GmbH.

We would like to give you an overview of the processing of your personal data by us, as well as inform you of your rights under the General Data Protection Regulation (GDPR).

This privacy statement is relevant with regard to all personal data of data subjects with whom we enter into contractual, business or other relationships, as well as of governing bodies or other employees of our contractual or business partners, which we process in the context of existing or emerging contractual, business or other relationships. This includes, among others, existing or potential suppliers, service providers, customers or consultants, as well as existing or potential cooperation partners or other partner companies.

What data do we process and where does it come from?

The subject of the processing is your personal data that you yourself provide to us in the context of contractual and business relationship, or that we receive from the respective contractual and business partners or that we have obtained otherwise. In some cases we process personal data that we collect from publicly accessible sources such as trade registers, the press or the internet. Furthermore, in some cases we receive information from third parties, e.g. business partners.

The types of personal data concerned are primarily: surname, first name, address, bank details, billing address, tax number/VAT ID and other contact or master data, such as telephone number or e-mail address. However, the specific types of personal data processed by us will depend on the characteristics of your relationship with us. This data regularly relates solely to the business context, i.e. we only process private contact data in exception cases, for example if this is necessary to fulfil the contract with you.

The scope of the data processed about a person also varies depending on the function which the person appears to us, such as the position they hold with the respective (business) partner and the subject of the (business) relationship.

Purposes and legal bases for processing

We process personal data for the following purposes and on the basis of the following legal grounds:

  • Data processing is primarily carried out for the execution of contracts concluded with you or your employer with whom we have a business relationship, or for the execution of pre-contractual measures (Art. 6 (1) b GDPR). This relates, for example, to purchase and supply contracts and the processing of purchase and sales inquiries, authentication of contractual partners, processing and review of corresponding offers and inquiries, preparation and signing of contractual documents, execution of purchases and sales, invoicing and processing of purchase price payments, sending of information letters, service and work contracts as well as other contractual relationships.

  • In addition, we process your data on the basis of legal requirements pursuant to Art. 6 (1) c GDPR, as well as to protect our legitimate interests pursuant to Art. 6 (1) f GDPR. This is done in particular for the fulfilment of tax and other legal control and reporting obligations, as well as audits by tax or other authorities and to comply with legal retention periods.

  • We may process your data for the assertion and defence of legal claims. This is the case, for example, if we conduct a judicial or extrajudicial dispute with you, for example, about the existence or non-existence of payment obligations. In the context of legal disputes, we may transfer your data to our external legal advisors or experts. The legal basis for this processing is Art. 6 (1) f GDPR in conjunction with Art. 9 (2) f GDPR.

  • If you use online meeting tools to interact with us, we might collect additional kinds of data. Please refer to the privacy statement on our website at handandheart.eu for further details.

  • In individual cases, we process data because you have expressly consented to this (Art. 6 (1) a GDPR), for example in the receipt of advertising by electronic mail and/or telephone. You will receive specific information on this in the context of granting your consent.

To whom do we transfer your personal data?

Under certain circumstances (beyond the cases already mentioned above), your personal data might be passed on to third parties for the purposes mentioned below:

  • Service providers, in particular data processors, receive personal data of our business partners or third parties we interact with that is required for the fulfilment of the respective service.

  • Information necessary for the processing of existing contracts is transferred to customers and suppliers.

  • Due to legal obligations to report and provide information, certain personal data is communicated to the competent authorities.

  • If it is necessary for the clarification or prosecution of illegal or abusive incidents or for the establishment, exercise or defence of legal claims, personal data is forwarded to our legal advisors, the law enforcement authorities and, if necessary, to injured third parties.

  • If you have designated recipients (e.g., emergency contacts), personal information will be provided to them when certain circumstances arise.

In cooperation with service providers and other organisations, legal instruments are used to ensure that your personal data is processed lawfully and stored only as long as necessary. These are, for example, order processing agreements according to Art. 28 GDPR or agreements between joint controllers according to Art. 26 GDPR.

As a rule, the servers on which your personal data is stored by us or one of our service providers are located on the territory of the EU. In the course of some processing activities, your personal data may be stored outside the EU or personal data may be accessed by persons performing their activities in countries outside the EU (e.g., consultants). These countries might provide a lower level of data protection. If there is no adequacy decision according to Art. 45 GDPR for these countries, legal instruments are used that also ensure the confidentiality, integrity and availability of the (your) personal data. This includes in particular the signing of the so-called EU standard data protection clauses according to Art. 46 (2) c GDPR

How long do we store your data?

We will retain and process your personal data for as long as we can claim a legitimate interest, we have valid consent from you, or there is a legal obligation for a certain period of time, which is determined or specified by applicable law and our company's IT security and data protection policies

What rights do you have?

You have the following rights under applicable data protection laws:

  • Right to data portability if the legal requirements are met

  • Right to complain to a supervisory authority

  • Right to information about your personal data stored by us

  • The right to erasure or restriction of processing, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or in the event that the processing serves the purpose of asserting, exercising or defending legal claims

  • The right to have your personal data corrected

  • The right to object to processing which serves our legitimate interest, a public interest or profiling, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or in the event that the processing serves the purpose of asserting, exercising or defending legal claims

  • The right to withdraw your consent for the processing of your personal data at any time with effect for the future

If you wish to exercise your rights, please send your request to hq@handandheart.eu.

Who can you contact with questions or concerns about the processing of your data?

In case of any questions regarding the protection of your personal data, you can contact our data protection officer at the following address:

admin@handandheart.eu.

Status and amendment of this privacy statement

The status of this privacy statement is 25.09.2023.

We reserve the right to change this data protection declaration in the future within the framework of the applicable data protection laws.

TRADEMARK &
COPYRIGHT

COPYRIGHT

The content and works on these pages created by the website operator are subject to German copyright law. The duplication, processing, distribution and any kind of exploitation outside the limits of the copyright law require the written consent of the respective author or creator. Downloads and copies of this website are only permitted for private, non-commercial use. Insofar as the content on this site was not created by the operator, the copyrights of third parties are observed. In particular, the contents of third parties are marked as such. Should you nevertheless become aware of a copyright infringement, we would ask you to notify us accordingly. As soon as we become aware of legal violations, we will remove such content immediately.

TRADEMARK

Hand & Heart, as a business name, is a registered trademark under the German Act on Trade Marks and the Ordinance for the implementation of trademarks (Trade Mark Ordinance).


 

PRIVACY

This Privacy Policy describes how your personal information is collected, used, and shared when you visit domains or digital platforms owned by Hand & Heart GmbH.

H&H Policy

As Hand & Heart GmbH is not yet an e-commerce platform, we do not think we need to have data from our site visitors. This is principally because we do not need or want to participate in targeted advertising, nor do we need site visitor data to perform or enhance the services we provide, or need to market. We take data super seriously, and anytime we use our websites or digital platforms to solicit user data - we use individual consent forms.

SQUARESPACE

We use Squarespace to host our websites. By default, Squarespace use cookies to run our site and obtain information about visitors for Squarespace analytics. We do not want to collect any such data from our site users. We do not use any third party applications to collect visitor data or analytics from any H&H digital platform. In order to ensure we do not collect this data, and to help us comply with legal requirements, we have taken the follow steps:

1) We have disabled the Activity Log so we don’t collect or see visitors’ IP addresses or other personal data.

2) We have disabled Squarespace analytics cookies so we don’t place these non-essential cookies on visitors’ browsers.

3) We still display a customisable cookie banner so visitors can opt into any use of cookies, which we do not collect.

SQUARESPACE SCHEDULING

Squarespace Scheduling has tools to help us comply with the GDPR. We ensure that:

1) We display terms and conditions in your scheduling instructions.

2) We use intake forms to get consent to our terms from our clients.

3) We delete client information in the Client List.

4) Export client data to comply with a client's data portability request, as per the above terms.

SITE PLATFORMS LIKE BREWDOG AFFECTED WORKER’S PLATFORM OR MIKKELLER RECONCILIATION PROGRAM

When it comes to your data when registering or submitting on either platform, users are asked for specific consents that form the data handling agreements you as a registrant has with H&H. We always ensure that any data we process from these platforms can only be used, acted on or have a change in handling terms with the express written consent of the data Owner.

PERSONAL INFORMATION WE COLLECT

We do not share your personal information as we do not track, collect or analyse site visitor data.

HOW DO WE USE YOUR PERSONAL INFORMATION?

We do not share your personal information as we do not track, collect or analyse site visitor data.

SHARING YOUR PERSONAL INFORMATION

We do not share your personal information as we do not track, collect or analyse site visitor data.

BEHAVIOURAL ADVERTISING

We do not use your data or personal information in anyway, nor do we allow third party applications or social media platforms access to such data on the website. We do not share your personal information as we do not track, collect or analyse site visitor data.

YOUR RIGHTS

If you are a European resident, or any living individual person, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below.

DATA RETENTION

We do not retain data from any H&H digital platform or website.

CHANGES

We may update this privacy policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons.

CONTACT US

For more information about our privacy practices, if you have questions, or if you would like to make a complaint or subject access request, please contact us by e-mail or by mail using the details provided below:

Hand & Heart GmbH

admin@handandheart.eu

[Re: Privacy Compliance]

Reuterstrasse 80 Berlin DE 12053

 

TERMS OF USE

All terms and conditions for services offered via this website require the completion of individual contracts between Hand & Heart and the customer.



You must not:

(a) use our website in any way or take any action that causes, or may cause, damage to the website or impairment of the performance, availability or accessibility of the website;

(b) use our website in any way that is unlawful, illegal, fraudulent or harmful, or in connection with any unlawful, illegal, fraudulent or harmful purpose or activity;

(c) use our website to copy, store, host, transmit, send, use, publish or distribute any material which consists of (or is linked to) any spyware, computer virus, Trojan horse, worm, keystroke logger, rootkit or other malicious computer software; or

(d) conduct any systematic or automated data collection activities (including without limitation scraping, data mining, data extraction and data harvesting) on or in relation to our website without our express written consent.

(e) use any information on this website or accrued through further contact as a representation of your own work. All work on this website, and any subsequent content, is owned by Hand & Heart.

LIABILITY FOR CONTENT

As a service provider, we are responsible for our own content on these pages in accordance with general law in accordance with Section 7 (1) of the German Telemedia Act. According to §§ 8 to 10 TMG, as a service provider, we are not obliged to monitor transmitted or stored third-party information or to research circumstances that indicate illegal activity.

Obligations to remove or block the use of information in accordance with general laws remain unaffected. Liability in this regard is only possible from the point in time at which we become aware of a specific legal violation. As soon as we become aware of such legal violations, we will remove this content immediately.

LIABILITY FOR LINKS

Our offer may contain links to external third-party websites, over whose content we have no influence. Therefore, we cannot accept any liability for this third-party content. The respective provider or operator of the pages is always responsible for the content of the linked pages. The linked pages were checked for possible legal violations at the time they were linked. No illegal content was found at the time the link was created.

A permanent control of the content of the linked pages is not reasonable without concrete evidence of an infringement. If we become aware of legal violations, we will remove such links immediately.

 

GDPR

Hand & Heart is 100% compliant with the General Data Protection Regulation (GDPR) as per the information outlined in the policies above. This policy was last updated on [14/04/2022].