Privacy Policy

By using our website you consent to the collection, processing and use of data as described below. Our website can be visited without registration. This data – such as visited pages or names of retrieved files, date and time – are stored on the server for statistical purposes, without data directly related to your person. Personal data – in particular name, address or e-mail address – are collected on a voluntary basis as far as possible. Data will not be passed on to third parties without your consent.

Responsible for the content

Ewald & Rössing GmbH & Co. KG

Crisis Management
Crisis Communication
Litigation PR
Strategy Development

Erich-Zeigner-Allee 69-73
04229 Leipzig

Telefon: +49 341 339784 00

Ewald & Rössing GmbH & Co. KG
HRA 18838 | Registergericht Leipzig| Steuernr. 232 153 32306 | Finanzamt Leipzig I | Ust.-IdNr.: DE 282 671 813

General Partner: Ewald & Rössing Verwaltungs GmbH | Erich-Zeigner-Allee 69-73 | 004229 Leipzig | HRB 38611 | Registergericht Leipzig

Executive Partner: Marcus Ewald und Torsten Rössing
Responsible for the content under § 55 Abs. 2 RStV: Torsten Rössing (adress as above)



1. Business related processing

Basically collected and processed data include contract data and payment data of our customers, interested parties and business partners for the supply of contractual services, contact, marketing, advertising and market research. We collect and process this data as part of our services.

1.1. Consulting services

Within the scope of our contractual services, we process data of our customers for conceptual and strategic consulting and training, in particular in the areas of crisis communication, litigation PR, strategy development and media training.

We process inventory data, contact data, content data, contract data, payment data, as well as usage data and metadata. In principle, we do not process special categories of personal data unless these are components of a commissioned processing. Those affected are our customers, interested parties and their customers, users, website visitors or employees as well as third parties. The purpose of the processing is the provision of our contractual services, service and billing, Art. 6 I b GDPR, Art. 6 I f GDPR.

We process this data to justify and fulfill contractual services. Disclosure to external parties will only be made if required by an order. When processing the data provided to us within the framework of an order, we act in accordance with the instructions of the client as well as with the legal requirements of order processing pursuant to Art. Art. 28 GDPR and process the data for no other purpose than the order.

We delete the data after expiry of legal warranty and comparable obligations. The necessity of keeping data is checked every three years; in case of legal archiving obligations, deletion takes place after its expiry (6 years, pursuant to § 257 I HGB, 10 J, in accordance with § 147 I AO). If data is disclosed to us in context of an order by the client, we delete the data according to the specifications of the order, in principle after the end of the order.

1.2. Training and coaching

We process data of our customers, prospective customers, other clients or contractual partners in order to provide them with our contractual or pre-contractual services, in accordance with Art. Art. 6I b GDPR. Processed data, nature, extent, purpose and necessity of processing are determined according to the respective individual and contractual relationship. Processed data basically includes inventory data and master data of our prospective customers, clients and contractual partners as well as contact data, contract data and payment data.

Should it be necessary within the framework of our activity to process special categories of data according to Art. 9 I GDPR, we will collect data according to Art. Art. 6 I a., Art. 7, Art. 9 II a GDPR only with explicit consent of our prospective customers, contracting parties and contractual partners. We will process special categories of data otherwise for purposes of health care on the basis of Art. 9 I h GDPR and § 22 I No. 1 b BDSG.

Should it be necessary for the fulfillment of the contract or determined by law, we will disclose or transmit data of our prospective customers, clients and contractual partners in context of communication with other specialists in the manner required for contract fulfillment only if this is in line with the provision of our services according to Art. 6 I b GDPR or if it is intended by law, Art. 6 I c GDPR. Furthermore we will disclose or transmit data only if it is necessary according to Art. 6 I d GDPR in order to protect the vital interests of our interested parties, contracting parties or another natural person, or in the context of a consent pursuant to Art. 6I a, Art. 7 GDPR.

Data is deleted if it is not longer required the fulfillment of contractual or legal duties of care and handling of any warranty or similar obligations. The necessity of preserving is checked every three years; otherwise the legal retention period apply.


2. Your rights

2.1. Right to revoke your consent to data processing

Certain proceedings of data processing are possible only with your explicit consent. Revocation of your already given consent is possible at any time. For the revocation an informal message by e-mail is sufficient. The legality of data processing carried out until the revocation remains unaffected by the revocation.

2.2. Right to complain to the responsible authority

As the person affected, in the event of a breach of data protection law, you have a right of appeal to the responsible supervisory authority. The responsible supervisory authority with regard to data protection issues is the state data protection officer of the federal state in which the headquarters of our company is located. The following link provides a list of data protection officers and their contact details:

2.3. Rights to data portability

You have the right to have your data that we process on the basis of your consent or in fulfillment of a contract automatically disclosed to you or to third parties. If you require a direct transfer of the data to another person in charge, this will only be done within the scope of reasonable technical possibilities.

2.4. Right to information, correction, blocking and deletion

Pursuant to the Federal Law on data protection, you have the right to consult, free of charge, your personal information, stored personal data, origin of the data, their receiver and the purpose of the data processing  recorded by us and a right  to correction, blocking or deletion of this data. In this regard and also to further questions on the subject of personal data, you can always contact us via the contact options listed in the imprint.


3. External parties and third parties

The hosting services we use are infrastructure and platform services, capacity, storage, database, security, and maintenance services.

At this we or our hosting provider process inventory data, contact data, content data, contract data, usage data, meta and communication data of customers, interested parties and visitors to this online offer on the basis of our legitimate interests in an efficient and secure provision of this website acc. Art. 6 I f GDPR in conjunction with Art. 28 GDPR.


4. Own business use

4.1. Administration, financial accounting, office organization and contact management

We process data in the context of administrative tasks, as well as business organization, financial accounting and compliance with legal obligations. In principle, we process the same data that we process in the course of rendering our contractual services on the basis of Art. 6 I c GDPR, Art. 6 I f GDPR. The processing affects customers, interested parties, business partners and website visitors. The purpose and interest in processing lies in administration, financial accounting, office organization, data archiving, therefore tasks that serve to maintain our business, perform our duties and provide our services. The deletion of data with regard to contractual services and contractual communication corresponds to the aforementioned processing activities (see above).

We disclose or transmit data to financial services, advisors, such as tax accountants or auditors, as well as payment service providers.

Based on our business interests, we store information about suppliers, promoters and other business partners. We store these company-related data permanently.

4.2. Business analysis and market research

In order to operate our business efficiently, we analyze data we have on business transactions, contracts and inquiries. We process inventory data, communication data, contract data, payment data, usage data, metadata on the basis of Art. 6 I f GDPR, whereby the data subjects include contractual partners, interested parties, customers and visitors to our website.

The analyzes are carried out for the purpose of business analysis, marketing and market research. In doing so, we can provide the profiles of registered users with information, e.g. take into account their services. The analyzes serve us to increase the user-friendliness, the optimization of our offer and the business economics. The analyzes are for us alone, unless they are analyzed anonymously.

If these analyzes or profiles are personal, they will be deleted or anonymised upon termination of the users, otherwise after two years from the conclusion of the contract. The business analyzes are created as anonymously as possible.


5. Application and contact

5.1. Privacy policy in application procedure

We process the applicant data only for the purpose and in the context of the application procedure in accordance with legal requirements. The processing of the applicant data is carried out to fulfill our contractual and pre-contractual obligations in the context of the orderly application process within meaning of Art. 6 I b GDPR Art. 6 I f GDPR and only if the data processing is required for us in legal proceedings, cf. § 26 Bundesdatenschutzgesetz.

The application procedure requires applicants to provide us with the applicant data. Necessary applicant data are indicated in the online form and otherwise result from the job descriptions. Basically, this includes regular information about the person, postal and contact addresses and the application documents, such as cover letters, CVs and certificates. In addition, applicants can voluntarily provide us with additional information.

By submitting the application to us, the applicants agree to the processing of their data for the purposes of the application procedure in accordance with the nature and limits of this Privacy Policy.

Insofar as special categories of personal data within the meaning of Art. 9 I GDPR are voluntarily notified in the context of the application procedure, their processing is additionally carried out in accordance with Art. 9 II b GDPR. If, in the context of the application procedure, special categories of personal data are requested from applicants within the meaning of Art. 9 I GDPR, their processing is additionally carried out in accordance with Art. 9 II a GDPR.

If provided, applicants can submit their applications to us via an online form on our website. The data will be encrypted and transmitted to us according to the state of the art. In principle, applicants can submit their applications via e-mail. It should be noted that e-mails are generally not sent in encrypted form and the applicants themselves must provide for the encryption. Corresponding encrypted contact options are provided on our website. We can not take any responsibility for the transmission of the application between the sender and the reception on our server. Applicants can also send their application by post.

The data provided by the applicants can and has to be further processed by us in case of a successful application for employment purposes. Otherwise, the data of the applicants will be deleted.

Deletion takes place after the expiration of a period of six months in order to fulfill proof obligations from the Allgemeines Gleichbehandlungsgesetz.

5.2. Contact

When contacting us, information of the user to process the contact request and their processing and answering will be processed acc. to Art. 6 I b GDPR. The details of the users can be stored in a CRM system.

We delete the requests if they are out of date and are not needed. Data is checked regularly, but at least every two years.

5.3. Comments and posts

If users leave comments, their IP addresses can be stored for 7 days based on our legitimate interests within the meaning of Art. 6 I f GDPR. This is done for our protection, as comments of illegal content must be deleted by us and possibly tracked.

These data are stored by us permanently until revocation by the user.

To review comment subscriptions, we use a confirmation email to verify that you are the owner of the email address provided. You can unsubscribe at any time via a link in the confirmation e-mail. Entered data will be deleted in case of cancellation.

2022 - Ewald & Rössing GmbH & Co. KG