DATA
PROTECTION.

PRIVACY POLICY

Responsible consulting begins with responsible data protection.

At BRUSEGROUP, we collect and process personal data strictly according to legal requirements. Which data we collect, why we collect it, and how we protect it – we explain it all here clearly and transparently. Because meaningful consulting is based on trust. And trust begins with transparency.

1. Data Controller

BRUSEGROUP GmbH
Huyssenallee 52-56
45128 Essen
Germany

Managing Directors: Daniela Bruse and Dr. Michael Bruse
Commercial Register: HRB 35980, Amtsgericht Essen
Phone: +49 172 587 44 55
Email: db@brusegroup.com

2. Data Protection Overview

When you visit our website, we process personal data only as legally permitted under the EU General Data Protection Regulation (GDPR) and German Federal Data Protection Act (BDSG). Personal data means any information that can identify you as an individual.

3. Your Rights

You have the right to:

  • Access your personal data (Art. 15 GDPR)
  • Rectify incorrect data (Art. 16 GDPR)
  • Erase your data ("right to be forgotten") (Art. 17 GDPR)
  • Restrict processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Object to processing (Art. 21 GDPR)
  • Withdraw consent at any time (Art. 7(3) GDPR)

To exercise these rights, contact us at db@brusegroup.com.

Right to Object (Art. 21 GDPR): You may object to processing based on legitimate interests or for direct marketing at any time. If you object, we will stop processing your data unless we have compelling legitimate grounds that override your interests.

4. Data We Collect

4.1 Automated Collection
When visiting our website, we automatically collect:

  • IP address (anonymized)
  • Date and time of access
  • Pages visited
  • Browser type and operating system
  • Referring website

Legal basis: Art. 6(1)(f) GDPR (legitimate interests in website security and functionality)

4.2 Contact Forms and Email
When you contact us, we process:

  • Name
  • Email address
  • Phone number (if provided)
  • Message content

Legal basis: Art. 6(1)(f) GDPR (legitimate interests) or Art. 6(1)(b) GDPR (contract fulfillment)

5. Purpose and Duration

We process data only for specific purposes:

  • Providing and securing our website
  • Responding to inquiries
  • Fulfilling contractual obligations

Retention periods:

  • Server logs: 7 days
  • Contact inquiries: Until resolved, then per legal requirements
  • Contract data: 10 years (tax law requirements)

6. Data Recipients

We share data only when necessary with:

  • Our hosting provider (All-Inkl.com GmbH)
  • Professional advisors (bound by confidentiality)
  • Authorities (when legally required)

We do not sell or rent personal data.

7. Hosting

Our website is hosted by ALL-INKL.COM - Neue Medien Münnich, Hauptstraße 68, 02742 Friedersdorf, Germany. We have a data processing agreement ensuring GDPR compliance. Details: https://all-inkl.com/datenschutzinformationen/

8. Cookies

We use essential cookies for website functionality. You can control cookies through browser settings. Disabling cookies may limit website features.

Types used:

  • Essential cookies (website functionality)
  • Analytics cookies (only with consent)

Legal basis: Art. 6(1)(f) GDPR or Art. 6(1)(a) GDPR (with consent)

9. Analytics

Google Analytics
With your consent, we use Google Analytics to understand website usage. Data is anonymized and processed according to our agreement with Google Ireland Limited.

You can opt out: https://tools.google.com/dlpage/gaoptout

Google Tag Manager
We use Google Tag Manager to manage website tools efficiently. It doesn't collect personal data independently.

Legal basis: Art. 6(1)(a) GDPR (consent). You may withdraw consent anytime.

10. SSL Encryption

Our website uses SSL/TLS encryption to protect data transmission. You can verify this by the "https://" in your browser's address bar and the lock icon.

11. International Transfers

We do not transfer personal data outside the EU/EEA unless adequate safeguards are in place (e.g., EU Standard Contractual Clauses).

12. Complaints

You may lodge a complaint with the supervisory authority:

Landesbeauftragte für Datenschutz und Informationsfreiheit NRW
Postfach 20 04 44
40102 Düsseldorf
Germany

13. Updates

We may update this policy to reflect legal or operational changes. The current version is always available on our website.

Last update: 06 June 2025.