This Privacy Policy was last updated in April 2024.

It sets out the data protection measures implemented by Shyft Consulting GmbH (also known as SMC or Shyft Management Consulting) and our sister company Bioshyft GmbH (also known as Bioshyft) through the use of the Internet and other electronic communication networks.
We provide a separate privacy statement for some of the websites and applications we offer, and when we do, this privacy statement applies to the collection and use of personal information collected through those websites and applications.

1. Personal data collected

Shyft Consulting GmbH collects the personal data you provide to us, such as your e-mail address, job title or company name, via registration forms, e.g. when you subscribe to an electronic newsletter, when you send us a job application, when you register for an event, webinar or conference organized by SMC, when you request a quote or information, when you request permission to download a document, when you participate in an online competition or when you send us a message via an email response system on the SMC websites or when you choose to provide your data for surveys, quizzes, customer satisfaction or benchmarking surveys. We use a customer relationship management system to store personal information about our business contacts. We collect and use business contact data from individuals associated with existing and potential SMC customers to manage and maintain our relationship with these individuals. Shyft Consulting GmbH also uses Microsoft Bookings and Calendly. Microsoft Bookings and Calendly are apps that support the planning and management of appointments; they include a web-based booking calendar. The legal basis is the legitimate interest (Art. 6 (1) lit. GDPR; we would like to give you the opportunity to easily make an appointment with us. The personal data required to make an appointment via Microsoft Bookings and Calendly (name and e-mail address) as well as your additional, voluntary information (address, telephone number, notes) will only be processed and stored by us to the extent necessary to process the appointment. As Microsoft Bookings is a Microsoft 365 service, Microsoft (One Microsoft Way, Redmond, WA 98052-6399, USA) also has access to the data you provide in the form. Further information about the handling and use of data by Microsoft can be found in Microsoft’s privacy policy: https://privacy.microsoft.com/en-us/privacystatement.

2. Use of personal data

2.1 We process the personal data collected via the SMC Websites for the following purposes:

• Provision of our services
• Processing of inquiries and requests
• Applicant management
• Providing access to social media at your request
• Providing information about events, conferences or webinars
• Providing information on products and services
• Managing and maintaining our business contacts
• Participation in surveys, quizzes or benchmarking surveys
• Responding to your requests to exercise your data subject rights

3. Automatically collected information and its use

3.1 We automatically collect information about each visit to the SMC Websites.

3.2 This means that your browser automatically sends us certain Internet-related information, such as the Internet Protocol (IP) address of the computer you are using.

3.3 We also collect information through the use of cookies to better understand how visitors use the SMC Websites, to identify problems with our servers, to obtain aggregate demographic information and other information about the use of the SMC Websites, and to improve the functionality of the SMC Websites. Cookies do not collect information that can be used to identify you as an individual.

3.4 When you visit or use our social media websites, such as Facebook, we use the Facebook pixel, which allows us to display interest-based advertising (“Facebook Ads”) to website users when they visit the social network or other websites that also use this tool. In this way, we pursue the interest of showing you advertising that is of interest to you in order to make our website or offers more interesting for you. With the help of the Facebook pixel, we can also track the effectiveness of Facebook ads for statistical and market research purposes by seeing whether users have been redirected to our website after clicking on a Facebook ad (conversion).

This data is processed by Facebook in accordance with Facebook’s data policy: https://www.facebook.com/policy.php.

Specific information and details about the Facebook pixel, the Conversions API and how it works can also be found in Facebook’s help section: https://www.facebook.com/business/help/742478679120153?id=1205376682832142.

We also use lead ads on Facebook, e.g. for recruiting purposes and to support recruiting events. If you click on an ad as a user of the platform, you will be asked to fill out a lead ad form. Once submitted, your lead data will be stored on Facebook’s servers for a maximum of 90 days and we may download your lead data from there. The downloaded data is stored in our recruitment system for a maximum of 6 months. Facebook uses the information submitted by users via the lead ad in accordance with its data policy: https://www.facebook.com/policy.

Further details on how lead ads work on Facebook can be found here:
https://www.facebook.com/business/help/1481110642181372?id=735435806665862.

When using Lead Ads, Shyft Consulting GmbH and Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (Facebook) are jointly responsible for the collection and transmission of data in this process. The following processes are therefore not covered by joint control:

• The process that takes place after collection and transmission is the sole responsibility of Facebook.
• The creation of reports and analyses in aggregated and anonymized form is carried out as a processor and is therefore our responsibility.

We transmit the data as part of joint control on the basis of legitimate interest in accordance with Art. 6 (1) f GDPR. Further information on the processing of personal data by Facebook, including the legal basis and further information on the rights of data subjects, can be found here: https://www.facebook.com/about/privacy.

3.5 Shyft Management Consulting benutzt auf ihren Websites Google Analytics, einen Webanalysedienst der Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland. Um Ihre Daten bestmöglich zu schützen, wird die Version Google Analytics 4 (GA4, anonymisiertes Tracking, cookieless Tracking) verwendet. Das bedeutet, dass nur anonymisierte, aggregierte Daten an uns übermittelt werden, die wir für Webstatistiken auswerten und damit unser Angebot verbessern wollen. Es werden keine individuellen Profile erstellt, sondern Benutzergruppen. Ein Personenbezug kann nicht mehr hergestellt werden.

GA4 verwendet standardmäßig eine IP-Adressen-Anonymisierung, die nicht deaktiviert werden kann. Gesetzlich vorgeschriebene Cookies haben eine Laufzeit von 2 Monaten.

Die Rechtsgrundlage für die Nutzung von GA4 und die stattfindende Reichweitenmessung ist das berechtigte Interesse (Art. 6 Abs. 1 lit. f GDPR).

Die erhobenen Daten können an Google in Europa oder an Google-Server in den USA übermittelt werden. SMC hat keinen Einfluss auf die Übermittlung der Daten an Google. Weiterhin hat SMC keinen Einfluss darauf, ob Google Rückschlüsse auf Ihre Person ziehen kann.

Wir beachten die aktuellen Entscheidungen der europäischen Datenschutzbehörden und/oder anderer Behörden, die Auswirkungen auf die Nutzung von Google Analytics haben könnten.
Weitere Informationen zum Umgang mit Nutzerdaten finden Sie in den Datenschutzbestimmungen von Google: https://www.google.de/intl/de/policies/privacy/.

4. Cookie list

4.1 A cookie is a small piece of data (text file) that your browser stores on your device at the instruction of a website you visit in order to “remember” information about you, such as your language preferences or login information. These cookies are set by us and are known as first-party cookies. We also use third-party cookies, which come from a different domain to the website you are visiting. We use these cookies to support our advertising and marketing efforts. In particular, we use cookies and other tracker technologies for the following purposes:

Strictly necessary cookies

These cookies are necessary for the website to function and cannot be deactivated in our systems. As a rule, these cookies are only set in response to actions you take that correspond to a service request, such as setting your privacy preferences, logging in or filling out forms. You can set your browser to block these cookies or to notify you about these cookies. However, some areas of the website will then not work. These cookies do not store any personal data.

Performance cookies

These cookies allow us to count visits and traffic sources so that we can measure and improve the performance of our website. They help us answer questions about which pages are the most popular, which are the least used and how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies, we will not know when you have visited our website.

Functional cookies

These cookies enable the website to provide enhanced functionality and personalization. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies, some or all of these services may not function properly.

Targeting cookies

These cookies may be set through our website by our advertising partners. They may be used by these companies to build a profile of your interests and show you relevant advertisements on other websites. They do not store any directly personal information, but are based on the unique identification of your browser and internet device. If you do not allow these cookies, you will see less targeted advertising.

4.2 Microsoft Dynamics 365.

We use cookies or tracking pixels from Microsoft Dynamics 365 Marketing, which are provided by Microsoft Ireland Operations Limited, Ireland. Microsoft Dynamics Marketing uses the following cookies:

• Long-term behavioral analytics cookie: this cookie is set and/or read by each website on which we have placed a marketing website behavioral analytics script. It allows marketing leads to be scored based on your interaction with a particular website. The cookie does not contain any personal information, but uniquely identifies a specific browser for a specific computer and Dynamics 365 Marketing can use it to correlate this ID with an actual contact in our SMC CRM. The cookie remains active for two years.
• Short-term single visit cookie: This cookie is also read and/or set by each web page where we have placed a marketing website behavior analytics script By default, it expires after 30 minutes. Dynamics 365 Marketing uses it to group all page views of a particular user that are recorded by the same behavioral analytics script and occur within the configured time frame. The cookie will consider all of these as part of a single “visit” to the website.

4.3 When you browse the SMC website, you will also have access to embedded media and other external sources that may store cookies. As cookies from external embedded media can be used or modified without the knowledge or consent of Shyft Consulting GmbH, please visit the link below for more information:

Twitter https://twitter.com/en/privacy
YouTube https://policies.google.com/privacy 
LinkedIn https://www.linkedin.com/legal/privacy-policy
Facebook https://www.facebook.com/policy.php 
Xing https://privacy.xing.com/en/privacy-policy

4.4 You have the right to choose whether or not to accept cookies. You can exercise this right by making or changing browser settings so that your cookie preference is taken into account. However, please note the following: If you choose not to accept cookies, you may not be able to use the full functionality of the SMC Websites.

4.5 The “Help” section in the toolbar of most internet browsers will tell you how to change the browser’s cookie settings. It also tells you how to set the browser to notify you when you receive a new cookie and how to disable cookies completely. For more information on cookies and how to control their use, please visit the following external educational resources: https://www.allaboutcookies.org/ and https://www.youronlinechoices.eu/.

5. Information exchanged

We only share personal data with other companies within our group of companies and with business partners, government agencies, law enforcement authorities and legal successors of our company, as well as with contractors that we have commissioned to process data. In these cases, we share your personal data for specific purposes, e.g. for our legitimate business purposes and to comply with legal obligations. We rely on contractual obligations, legitimate interest or your consent as the legal basis for processing.

6. Links to other websites

6.1 This Privacy Policy only applies to data collected via an SMC website.
6.2 SMC websites contain links to other websites that are neither owned nor managed by Shyft Consulting GmbH. We draw your attention to the fact that SMC is not responsible for the data protection measures of external websites. We recommend that you read the privacy policy of every website you visit.

7. Security

We have security features in place to protect the personal information you provide to us through SMC websites from unauthorized disclosure, use, alteration or destruction. Please note, however, that there is no such thing as perfect security on the Internet. Therefore, while we strive to protect your personal information, it is potentially possible for unauthorized parties to access and use information transmitted over the Internet.

8. Your rights in relation to your personal data/information, deletion, restriction and objection

We want to ensure that the information we store about you is up to date and correct. You can assert your rights from SMC as the responsible body at any time, in particular in accordance with Art. 15 to 18, 21 GDPR, and request information about any data stored about you, the purpose of storage and its origin. In addition, in accordance with the statutory provisions, you have the right to rectification, blocking, objection to the processing and erasure of your personal data; within the framework of the provisions of Art. 18 GDPR, you have the right to demand a restriction of the processing of the data concerning you. To obtain a copy of the personal data that we store about you, please contact us at: info@shyft-consulting-com.

9. Transfers on the Internet

Given that the Internet is a global environment, the use of the Internet to collect and process personal data inevitably involves the transfer of data on an international basis. Therefore, by visiting SMC websites and communicating with us electronically, you consent to our processing of personal data in this way. We take the necessary measures to protect all personal data collected via the SMC Websites in accordance with strict data protection guidelines.

10. Updating this privacy policy

We reserve the right to change this Privacy Policy at any time without notice to reflect future developments at Shyft Consulting GmbH, this website, or changes in our industry or the law. In this case, the changes will be published on the SMC websites. You can check the status of this privacy policy above under “last updated”. Changes will take effect upon publication on the SMC websites. If you continue to use the websites after the change, we will assume that you have agreed to the changes. If you do not agree to these changes or to the Privacy Policy in whole or in part, you will be asked to stop using the SMC Websites.

11. Contact

Contact us If you have general questions or comments about how we process personal data, please contact us at: info@shyft-consulting-com.