Data Privacy

Data protection notice

Our data protection notice provides information on the collection, processing, and use of your personal data if and to the extent that it is collected when you use our website. In addition, all persons affected by the data processing are informed about the rights to which they are entitled.

When handling this personal data, we act in strict compliance with the relevant legal data protection regulations and the following principles. We have implemented necessary technical and organizational measures to ensure extensive protection of the personal data processed via our website.

Responsible party

The responsible party for the processing of your personal data described in this data protection notice is:

Dunn & Falkenstein Consulting
Olivia Falkenstein, Partner & Co-founder
Angela Dunn, Partner & Co-founder
Brüder-Grimm Str. 28, 69493, Hirschberg

Definitions from the EU-GDPR

Personal data means any information relating to an identified or identifiable natural person (hereinafter “you”). An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Processing means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Pseudonymization means the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

Controller is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided for under Union or Member State law.

Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Consent means any freely given specific and informed indication of the data subject’s wishes in the form of a statement or other unambiguous affirmative act by which the data subject signifies his or her agreement to the processing of personal data relating to him or her.

The supervisory authority is an independent governmental body established by a Member State pursuant to Article 51 of the GDPR. The state data protection supervisory authority responsible for Dunn & Falkenstein Consulting is:

The State Commissioner for Data Protection and Freedom of Information of Baden-Württemberg.

P.O. Box 10 29 32
70025 Stuttgart
Tel.: 0711/615541-0
Fax: 0711/615541-15

Right to information and contact

If you contact us by e-mail, we will only use your e-mail address to get in touch with you. We exclude any other use. Should you wish to contact us by e-mail, we would like to point out that the content of unencrypted e-mails can be viewed by third parties. It is therefore advisable to send confidential information in encrypted form or by post. You have a right to information regarding the personal data stored about you and a right to correction of incorrect data, objection, restriction, data portability, blocking and deletion.

Legal basis

Insofar as we obtain the consent of the data subject for processing operations of personal data, Art. 6 (1) lit. a EU Data Protection Regulation (EU-GDPR) serves as the legal basis.

When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.

If the processing is necessary to protect a legitimate interest of Dunn & Falkenstein Consulting or a third party, and if the interests, fundamental rights and freedoms of the data subject do not override the former interest, Article 6 (1) (f) GDPR serves as the legal basis for the processing.

Access data

Personal data is collected by Dunn & Falkenstein Consulting via the Internet offer only to the extent technically necessary (name of the file accessed, date and time of access, amount of data transmitted, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page) and the requesting provider). This data cannot be assigned by Dunn & Falkenstein Consulting to specific persons and is not merged with data from other data sources.


We use so-called cookies on our website to recognize multiple use of our offer by the same user/internet connection owner. Cookies are small text files that your Internet browser stores on your computer. They serve to optimize our Internet presence and our offers. Most of these are so-called “session cookies”, which are deleted after the end of your visit.

In some cases, however, these cookies provide information to automatically recognize you. This recognition is based on the IP address stored in the cookies. The information obtained in this way is used to optimize our offers and to provide you with easier access to our site.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however, please note that if you do this you may not be able to use the full functionality of this website.

Data collection and data processing for accesses from the Internet

When you visit our website, the web servers of the hosting provider SiteGround temporarily store each access in a log file. The following data is collected and stored for approx. 8-9 weeks until automated deletion:

  • IP address of the requesting computer (anonymized, shortened by the last three digits)
  • Date and time of access
  • Name and URL of the accessed file
  • Amount of data transferred
  • Message as to whether the retrieval was successful
  • Recognition data of the browser and operating system used
  • The URL of the website from which the access was made

This data is processed for the purpose of enabling the use of the website, system security, technical administration and optimization of the Internet offering. Personal user profiles are not created. Personal data will not be processed beyond the aforementioned cases.


We use HubSpot for marketing automation, managing subscribers lists and giving our visitors the possibility to set-up meetings via a meeting tool.

To find out more about the Data Privacy compliance of HubSpot, check this link: General Data Protection Regulation | HubSpot

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider of this service is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics uses so-called cookies. Cookies are text files, which are stored on your computer and that enable an analysis of the use of the website by users. The information generated by cookies on your use of this website is usually transferred to a Google server in the United States, where it is stored.

The storage of Google Analytics cookies and the utilization of this analysis tool are based on Art. 6 Sect. 1 lit. f GDPR. The operator of this website has a legitimate interest in the analysis of user patterns to optimize both, the services offered online and the operator’s advertising activities. If a corresponding agreement has been requested (e.g. an agreement to the storage of cookies), the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the agreement can be revoked at any time.

Browser plug-in

You do have the option to prevent the archiving of cookies by making pertinent changes to the settings of your browser software. However, we have to point out that in this case you may not be able to use all of the functions of this website to their fullest extent. Moreover, you have the option prevent the recording of the data generated by the cookie and affiliated with your use of the website (including your IP address) by Google as well as the processing of this data by Google by downloading and installing the browser plug-in available under the following link:

For more information about the handling of user data by Google Analytics, please consult Google’s Data Privacy Declaration at:

Archiving period

Data on the user or incident level stored by Google linked to cookies, user IDs or advertising IDs (e.g. DoubleClick cookies, Android advertising ID) will be anonymized or deleted after 14 month. For details please click the following link:


Our website offers the possibility to arrange a meeting with us. To request and select an appointment, we use “Calendly”, a product from Calendly LLC, 1315 Peachtree St NE, Atlanta, GA 30309, USA.

Your entered data (name, email, date and time of the desired date) will be sent to us for contacting you. This data will only be used to organize and perform the requested meeting and will not be shared with third parties. For more information about data privacy at Calendly, visit

created with by jessica lynn design
web development by carolyn sheltraw

Subscribe to our newsletter

Sign up for occasional emails and updates!