Data protection information of
MRM Distribution GmbH & Co. KG
Stand: 02 / 2021
We observe the applicable data protection regulations, in particular the requirements of the EU General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG). We only process your personal data if the law permits data processing or if you have given your consent to the processing of your data. The transparency of data processing is important to us, so we would like to inform you comprehensively with the following information on data protection.
Overview:
1. RESPONSIBLE
3. GENERAL INFORMATION ABOUT DATA PROCESSING
8. (PRE-) CONTRACTUAL SERVICES
9. DATA PROCESSING FOR ADVERTISING PURPOSES
10. WEBSITE OPTIMIZATION, REACH MEASUREMENT AND ONLINE MARKETING
12. INTEGRATION OF THIRD PARTY SERVICES AND CONTENT
13. SHARING OF DATA; PROCESSING IN THIRD COUNTRIES
16. GOOGLE FONTS (local hosting)
In detail:
1. RESPONSIBLE
The person responsible for processing your personal data on this website is:
MRM Distribution GmbH & Co. KG
Represented by the personally liable partner:
MRM Distribution Verwaltungs GmbH, represented by the managing director Melanie Achten;
Carl-von-Linde-Strasse 38
85716 Unterschleissheim
Germany
https://mrm-distribution.com
info@mrm-distribution.com
Data protection officer
Gov. Thomas
DataCo GmbH
Dachauer Strasse 65
80339 Munich
datenschutz@dataguard.de
089740045840
2. DATA PROTECTION OFFICER
You can reach our data protection officer at datenschutz@mrm-distribution.com or by phone + 49 0 89 2488 369.
3. GENERAL INFORMATION ABOUT DATA PROCESSING
a. Scope & purpose of processing personal data
We generally only process your personal data as a user of this website to the extent that this is necessary to provide a functional website and our content and services. Your personal data will only be processed with your consent for the specific purpose, unless data processing is permitted by law without obtaining prior consent. The purposes of processing result from the processing activities described in more detail below.
b. Legal basis for processing personal data
If we obtain your consent for processing personal data, Article 6 Paragraph 1 Sentence 1 a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
If the processing of your data is necessary to fulfill a contract to which you are a party, Art. 6 Para. 1 Sentence 1 b) GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.
If processing of your personal data is necessary to fulfill a legal obligation to which we are subject, Art. 6 Para. 1 Sentence 1 c) GDPR serves as the legal basis.
In the event that vital interests of you or another natural person require the processing of personal data, Art. 6 Para. 1 d) GDPR serves as the legal basis.
If the processing is necessary to protect a legitimate interest of our company or a third party and your interests, fundamental rights and freedoms do not outweigh the first-mentioned interest, Art. 6 Para. 1 Sentence 1 f) GDPR serves as the legal basis for the processing.
c. Data deletion and storage period
Your personal data will be deleted or blocked as soon as the purpose of storage no longer applies. Storage can also take place if this is provided for by law or other legal regulations that are binding on us. The data will also be blocked or deleted if a storage period prescribed by the above-mentioned legal provisions expires, unless there is a need for further storage of the data to conclude or fulfill a contract.
d. Types of data processed
– Inventory data (e.g. name, address);
– Contact details (e.g. email address, telephone number);
– Content data (e.g. text entries, photographs, videos);
– Usage data (e.g. website visits, access times, personal interests);
– Communication and metadata (e.g. IP addresses, device information).
e. Purposes of processing
– Provision of the online offering, its functions and content;
– Answering contact requests and communicating with users;
- Safety measures;
– Reach measurement/marketing.
f. Categories of data subjects
Visitors and users of the online offering (hereinafter “users”).
G. Regulations regarding the provision of data and consequences of non-provision
The provision of personal data is partly required by law (e.g. tax regulations) or can also result from contractual regulations (e.g. information on the contractual partner). In order to conclude a contract, it may be necessary for you to provide us with personal data, which must subsequently be processed by us. For example, you are obliged to provide us with personal data if our company enters into a contract with you. Failure to provide personal data would mean that the contract could not be concluded.
H. Automated decision making
We do not make automated decisions.
4. YOUR RIGHTS
When processing your personal data, you have the following rights, which we would like to inform you about below. You can contact us as the person responsible, the contact details can be found above under 1.
a. Right to information (Art. 15 GDPR)
Upon request, we will confirm to you whether personal data relating to you is being processed. If this is the case, you have the right to be informed about the following information
• the purpose(s) of data processing,
• the categories of data processed, as well
• if applicable, the recipients or categories of recipients to whom data is disclosed pursuant to legal obligations or contractual relationships; especially for recipients in third countries
• the planned storage period, or if this is not possible, the criteria for determining the duration
• the existence of a right to rectification or deletion of personal data concerning you, or to restriction of processing by us or a right to object to such processing
• the existence of a right to lodge a complaint with the supervisory authority
• in the event that the personal data is not collected from the data subject: All available information about the origin of the data
• the existence of automated decision-making, including profiling, and meaningful information about the logic involved and the scope and intended effects of such processing for the data subject
• in the case of transfer to a third country or to an international organization, about the appropriate safeguards in connection with the transfer.
Upon request, you will receive a copy of the data collected and processed by you. This is generally done free of charge.
b. Right to rectification (Article 16 GDPR)
You have the right to request that incorrect personal data concerning you be corrected immediately. You have the right to request the completion of incomplete personal data, including by means of a supplementary statement, taking into account the purposes of the processing.
c. Right to deletion (Art. 17 GDPR) (so-called right to be forgotten)
Upon request or after fulfillment or termination of the contract with us, your personal data will be deleted immediately, unless this conflicts with tax or commercial law storage or documentation obligations or the safeguarding of the legitimate interests of the person responsible is at risk.
A deletion claim exists under the following conditions:
• The personal data was collected or otherwise processed for purposes for which it is no longer necessary.
• You revoke your consent on which the processing was based in accordance with Article 6 Paragraph 1 Sentence 1 a GDPR or Article 9 Paragraph 2 a GDPR and there is no other legal basis for the processing.
• You object to the processing in accordance with Art. 21 Para. 1 GDPR and there are no overriding legitimate reasons for the processing, or an objection to the processing was lodged in accordance with Art. 21 Para. 2 GDPR.
• the personal data was processed unlawfully.
• the deletion of the personal data is necessary to comply with a legal obligation under Union law or the law of the Member States to which the controller is subject.
• The personal data was collected in relation to information society services offered in accordance with Art. 8 Para. 1 GDPR (consent was given by a child).
d. Right to restriction of processing (Article 18 GDPR) (blocking)
Under the following conditions, you have the right to request the restriction of processing, i.e. the blocking of your personal data from processing:
• the accuracy of the personal data is contested by you for a period enabling us to verify the accuracy of the personal data.
• the processing is unlawful, you refuse the deletion of the personal data and instead request the restriction of the use of the personal data.
• The controller no longer needs the personal data for the purposes of processing, but you need them to assert, exercise or defend legal claims.
• The user has lodged an objection to the processing in accordance with Article 21 Para. 1 GDPR and it is not yet clear whether the legitimate reasons of the controller outweigh those of the user.
e. Right to data portability (Art. 20 GDPR) (data portability)
Upon request, your data can be made available for a fee in a structured, common and machine-readable format for you and a subsequent service provider to enable rapid transmission. This applies in any case if the processing is based on consent in accordance with Art. 6 Para. 1 Sentence 1 a GDPR or Art. 9 Para. 2 a) GDPR or on a contract in accordance with Art. 6 Para. 1 Sentence 1 b GDPR and the processing takes place using automated procedures.
f. Right to revoke your consent (Art. 7 Para. 3 GDPR)
You can revoke your consent at any time by notifying us. This means that we are no longer allowed to continue data processing based on this consent in the future.
G. Right to lodge a complaint with the supervisory authority (Article 77 GDPR)
If you believe that there has been a violation of data protection regulations, you have the right to lodge a complaint with the responsible supervisory authority. For example, for companies in Bavaria, this is the Bavarian State Commissioner for Data Protection: https://www.datenschutz-bayern.de
H. Right to object (Article 21 GDPR)
You also have the right to object to the processing of your personal data. If the processing takes place for the purpose of direct advertising (e.g. newsletter), this right exists at any time. Otherwise, you may also have the right to object at any time to the processing of personal data concerning you for reasons arising from your particular situation. This only applies if the processing takes place on the basis of Art. 6 Para. 1 e) or f) GDPR (protection of public interests or protection of legitimate interests by the person responsible). We will then no longer process the personal data unless we can demonstrate compelling legitimate reasons for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
In order to exercise this right of withdrawal, you can also send us an informal message using the contact options listed under Sections 1 or 2, stating your e-mail address, in which your intention to withdraw is expressed.
5. SERVERS AND LOG FILES
logfiles
If you use the website for informational purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you would like to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security (legal basis is Art. 6 Para. 1 Sentence 1 f) EU GDPR) :
Date and time of access, name of the pages accessed, anonymized IP address of the requesting device, referrer URL (origin URL from which visitors came to our websites), the amount of data transferred, loading time, browser type, language and version , name of the visitor's access provider, operating system and its interface. The log data is stored for a period of 60 days.
Hosting
We use a so-called hoster to provide certain services in connection with the operation of this website: in particular, IT infrastructure, computing power, database services, email delivery, security services, server storage space and technical maintenance services are provided. We process this. or our host on our behalf based on Art. 28 GDPR, inventory data, contact data, content data, contract data, usage data, meta and communication data of our visitors to our website due to our legitimate interests in the professional and secure provision of our website in accordance with Art. 6 Para. 1 P. 1 f) GDPR.
6. USE OF COOKIES
In addition to the data mentioned above, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive by the browser you are using and enable us, as the entity that set the cookie, to receive certain information. Cookies cannot run programs or transmit viruses to your computer. They serve to make the Internet offering more user-friendly and effective overall.
Use of cookies:
a) Temporary cookies are automatically deleted when you close the browser. These include, in particular, session cookies. These store a so-called session ID, which can be used to assign various requests from your browser to the shared session. This allows your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.
b) Permanent cookies remain stored even after the browser is closed. In this way, for example, settings or preferences can be saved.
c) First-party cookies are set by the respective website operator themselves, whereas third-party cookies are used by third parties (e.g. advertising partners).
d) Necessary cookies (also called necessary or essential cookies) are absolutely necessary for the operation of a website (e.g. to save logins or other user input) or are required for security reasons.
e) There are also cookies set, for example, for personalization, statistical purposes and marketing.
This website uses the following cookies, some of which are necessary for the operation of our website:
| Controller | designation | Purpose | Retention period | Recipients | Required |
|---|---|---|---|---|---|
| Point 1 | _ga, _gat, -gid | Analysis / Tracking (Google Analytics) | 14 months | No | |
| Point 1 | _ga, _gat, -gid | Analysis / Tracking (Google Tag Manager) | 14 months | No | |
| Point 1 | mrm cookie | consent | 1 year | - | Ja |
| Point 1 | googtrans | Multilingualism (Google Translate) | Meeting | No | |
| Point 1 | NID | Google Maps | 6 months | No | |
| Point 1 | NID | Youtube – content | 6 months | No |
If these cookies are not necessary and/or the information they contain is personal data, the legal basis for data processing is your consent in accordance with Article 6 Paragraph 1 Sentence 1 a) GDPR, which is stored via a cookie. You give your consent via our cookie notice. This groups the cookies into certain purpose-related categories. The category of required cookies is pre-filled and cannot be deselected.
If these cookies are necessary cookies and/or the information contained therein is personal data, the legal basis for data processing is Art. 6 Para. 1 Sentence 1 f) GDPR. Our interest in maintaining the functionality of our website is to be viewed as legitimate within the meaning of the aforementioned regulation.
If the processing is based on your consent, you have the option at any time to revoke this with effect for the future and thus prevent further collection of your data by selecting optional cookie categories or cookies (detailed view) in the cookie settings. Deselect settings. If and to the extent that you do not consent or revoke your consent, (further) data collection using optional cookies that require your consent and the associated data processing will not take place. The revocation of consent does not affect the lawfulness of the processing carried out based on the consent before its revocation.
You can also configure your browser settings according to your wishes and e.g. B. refuse to accept third-party cookies or all cookies. We would like to point out that you may then not be able to use all of the functions of this website. You can also, for example, on the page https://www.youronlinechoices.com/de/ generally object to the use of cookies for online marketing.
The details of the aforementioned third-party services can be found in the points listed below.
7. CONTACTING US
Contact via email, post and telephone
You have the opportunity to contact us in several ways. By email, by phone or by post. If you contact us, we will use the personal data that you voluntarily provide to us solely for the purpose of contacting you and processing your request.
The legal basis for this data processing is Article 6 Paragraph 1 b). Your data will be deleted if it is no longer needed for the purpose of processing and there is no legal obligation to store it.
Contact form
There is a contact form on our website that can be used to contact us electronically. If a user takes advantage of this option, the data you enter in the input mask will be transmitted to us in encrypted form and stored.
The legal basis for the processing of your data, if you have given your consent, is Article 6 Paragraph 1 Sentence 1 a) GDPR. If you do not have your individual consent, we will process your data on the basis of Art. 6 Para. 1 Sentence 1 b) GDPR. We process the personal data from the input mask solely to process the contact.
8. (PRE-) CONTRACTUAL SERVICES
Processing in connection with the online shop
As a registered and activated commercial customer, we only process your personal data to the extent necessary to process your orders in the online shop or when you contact us.
We only process the personal data that you provide to us, such as your name, contact details, payment details and order details.
Data processing is carried out for the purpose of fulfilling the contract and implementing pre-contractual measures on the legal basis of Article 6, Paragraph 1, Sentence 1, Letter b of the GDPR. In order to process your email address in the event of a purchase via our websites/applications, we are also obliged to send an electronic order confirmation due to legal requirements in the German Civil Code (BGB) (Article 6 Paragraph 1 Letter c) GDPR).
In order to provide you with the greatest possible convenience, we offer you the permanent storage of your personal data in a password-protected customer account/user account.
Creating a customer account is fundamentally voluntary and is based on your consent within the meaning of Article 6 Paragraph 1 Letter a) GDPR. After setting up a customer account, no further data entry is required. You can also view and change the data stored about you in your customer account at any time.
In addition to the data requested when placing an order, you must provide a password of your choice to set up a customer account. This is used together with your email address to access your customer account. Please treat your personal access data confidentially and in particular do not make it accessible to unauthorized third parties. You have the option to delete your customer account at any time. Please note, however, that this does not mean that the data visible in the customer account will be deleted once you have ordered from us. Your data will be deleted automatically after our commercial and tax retention obligations have expired. The legal basis for this data processing is Article 6 Paragraph 1 Letter c) GDPR and Article 6 Paragraph 1 Sentence 1 Letter f) GDPR.
In order to process a purchase contract, information about your delivery address will be passed on to logistics companies and shipping partners commissioned by us. The respective data is transmitted solely for the respective purposes and deleted after delivery.
Unless we use your data for advertising purposes, we store the data collected for contract processing until the statutory or possible contractual warranty and guarantee rights expire. After this period has expired, we will retain the information relating to the contractual relationship required by commercial and tax law for the periods specified by law. For this period, the data will be processed again solely in the event of an inspection by the tax authorities.
9. DATA PROCESSING FOR ADVERTISING PURPOSES
Advertising to existing customers
In principle, we have a legitimate interest in using data from our existing customers for marketing purposes. We collect the following data from our existing customers for our own marketing purposes: first name, last name, postal address, email address, year of birth. The legal basis for the use of personal data for marketing purposes is Article 6 Paragraph 1 Sentence 1 f) GDPR.
If you are not an existing customer of ours, we will only process your data for marketing purposes based on your express consent for these purposes in accordance with Art. 6 Para. 1 Sentence 1 a) GDPR.
Proper order processing agreements have been concluded with service providers that we engage for the purpose of delivering advertising and who process data on our behalf in strict accordance with our instructions.
Note on the right to object
You can object to the use of your personal data for the above-mentioned advertising purposes at any time, free of charge and with effect for the future, using the contact options provided in Sections 1 or 2.
If you object, your data will be blocked for further commercial data processing. We would like to point out that in exceptional cases, advertising material may still be temporarily sent even after your objection has been received. This is technically due to the necessary lead time during the selection and does not mean that we have not implemented your objection.
Advertising with consent
We process your data for marketing purposes only on the basis of your express consent for these purposes in accordance with Art. 6 Para. 1 Sentence 1 a) GDPR.
Proper order processing agreements have been concluded with service providers that we engage for the purpose of delivering advertising and who process data on our behalf in strict accordance with our instructions.
Note on the right of withdrawal
You can revoke your consent at any time free of charge with effect for the future.
In order to exercise this right of withdrawal, you can send us an informal message using the contact options mentioned in points 1 or 2, in which your intention to withdraw is expressed. The revocation does not affect the lawfulness of the processing carried out based on the consent up to the revocation.
Newsletter
If you would like to receive the newsletter offered on our website, we need an email address from you as well as information that allows us to verify that you are the owner of the email address provided and that you agree to receive the newsletter . To register for our newsletter we use the so-called double opt-in procedure. This means that after you register, we will send you an email to the email address you provided, in which we will ask you to confirm that you would like to receive the newsletter. If you do not confirm your registration within 24 hours, your information will be blocked and automatically deleted after one month. In addition, we store the IP addresses you use and the times of registration and confirmation. The purpose of the procedure is to be able to prove your registration and, if necessary, to clarify any possible misuse of your personal data. We use your data exclusively to send the newsletter. The legal basis for this data processing is your consent in accordance with Article 6 Paragraph 1 Sentence 1 a) GDPR.
The newsletter is sent based on our legitimate interests in an advertising-effective, secure and user-friendly newsletter system in accordance with Art. 6 Para. 1 Sentence 1 f) GDPR by the service provider dskom GmbH, Reginhardstrasse 34, 13409 Berlin, Germany within the framework of a concluded order processing agreement (Article 28 GDPR). The shipping service provider’s data protection regulations can be found at: https://www.dskom.de/werbung-marketing/kontakt/datenschutz.php.
The newsletters contain a so-called web beacon. These are small graphics that enable log file recording or log file analysis, which are used for statistical evaluations for online marketing and are accessed when you open dskom's newsletter email. As part of this retrieval, technical information is collected, such as information about the browser and your system and the time of retrieval. This information is used to technically improve our services based on the technical data, the target groups and their respective reading behavior. The statistical surveys include information about whether a newsletter is opened, its time and the links clicked. If you would like to object to data analysis for statistical evaluation purposes, you must unsubscribe from the newsletter.
The data you provide to us for the purpose of subscribing to the newsletter will be stored by us or dskom until you unsubscribe from the newsletter and will be deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data stored by us for other purposes remains unaffected.
After you have been unsubscribed from the newsletter distribution list, your email address may be stored in a blacklist by us or dskom in order to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 Para. 1 Sentence 1 f) GDPR). The storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interests.
Note on the right of withdrawal
You can revoke your consent to receive the newsletter at any time with future effect and unsubscribe from the newsletter. You can request the revocation by clicking on the link provided in every newsletter email or, for example, by sending us an email (see sections 1 or 2).
10. WEBSITE OPTIMIZATION, REACH MEASUREMENT AND ONLINE MARKETING
Google (Universal) Analytics
Based on your consent given in the cookie banner in accordance with Article 6 Paragraph 1 Sentence 1 a) GDPR, we use Google (Universal) Analytics, a web analysis service provided by Google Ireland Limited, on our website to analyze and improve as well as the commercial design of our online offering. Gordon House, Barrow Street, Dublin 4, parent company: Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”) with the extension of “IP anonymization” (also called “IP mask method”) a. Google uses cookies. The information generated by the cookie about users' use of the online offering is usually transferred to a Google server in the USA and stored there. The information generated by the cookie about your use of this website is approximately
• Browser type/version,
• operating system used,
• Referrer URL (the previously visited page),
• Host name of the accessing computer (IP address),
• Time of the server request.
Details about cookies can be found above under section 5.
The data collected by Google Analytics may be stored and processed in the United States or in any other country in which Google or Google's sub-processors maintain facilities. The IP mask method we use ensures that the IP address is shortened within EU member states or other EEA contracting states before it is transmitted to a Google server in the USA and stored there. so that no complete IP address is transmitted, thereby preventing or making it significantly more difficult to identify a person. Only in exceptional cases will the full, i.e. unabridged, IP address be transmitted to a Google server in the USA and only shortened there.
Google will use the above information on our behalf to evaluate the use of our online offering by users and to provide us with reports on the activities within this online offering and, if necessary, to provide us with other services in this context. For this purpose, pseudonymous user profiles can be created from the processed data.
The (shortened) IP address transmitted by the user's browser is not merged with other data from Google. You can prevent the storage of cookies by setting your browser software accordingly and prevent the data generated by the cookie relating to the online offering from being collected and processed by Google by downloading the browser plug-in available at the following link to install: https://tools.google.com/dlpage/gaoptout?hl=de.
Further information on Google's use of data, settings and objection options can be found in Google's data protection declaration (https://policies.google.com/technologies/ads) and in the settings for displaying advertising on Google (https://adssettings.google.com/authenticated).
The personal data of users is deleted or anonymized after 14 months.
Additional information on the transfer of data to the USA can be found under Section 13.
Google Signals
We have activated the Google signals function in Google Analytics (see previously). As a result, existing Google (Universal) Analytics features, such as re-marketing with Google Analytics, advertising reporting features, interest and demographic reporting, and cross-device reporting, will be updated.
This allows us to receive aggregated and anonymized data from you if you have allowed personalized ads in your Google account. Individual user data is not disclosed. Google Signals enables cross-device tracking, which means your data can also be analyzed across devices. By activating Google Signals, data is collected and linked to your Google account.
This allows Google to track when you visit our website via different devices, such as smartphones and PCs. As a result, we can use Google signals to start remarketing campaigns across devices (see section 11), so that we can also show you our offer on other websites.
In Google Analytics, Google signals also collect additional visitor data about the history and actions on our website, which means that we receive advertising reports from Google and helpful information about your interests, geographical and demographic characteristics as well as social criteria in order to define target groups/groups of people can.
These reports allow us to optimize and customize our services and products for you. By default, this data expires after 26 months. However, data is only collected as part of Google signals if you have allowed personalized advertising in your Google account. You can manage or delete this data in your Google account.
Otherwise, the information previously provided under Google (Universal) Analytics applies.
Google Tag Manager
We would like to point out that we use Google Tag Manager based on your consent given in the cookie banner in accordance with Art. 6 Para. 1 Sentence 1 a) GDPR. Google Tag Manager itself does not collect any personal data. The Tag Manager makes it easier for us to integrate and manage our tags. Tags are small elements of code used to, among other things, measure traffic and visitor behavior, understand the impact of online advertising and social channels, set up remarketing and audience targeting, and test and optimize websites.
We use the Tag Manager for the Google services Google Analytics and GA Audience. If you have made a deactivation, this deactivation will be taken into account by Google Tag Manager.
Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA;
Website: https://marketingplatform.google.com;
Data protection statement: https://policies.google.com/privacy;
For more information about Google Tag Manager visit: https://www.google.com/intl/de/tagmanager/use-policy.html.
Additional information on the transfer of data to the USA can be found under Section 13.
Calendly
You can make appointments with us on our website. We use the “Calendly” tool to book appointments. The provider is Calendly LLC, 271 17th St NW, 10th Floor, Atlanta, Georgia 30363, USA (hereinafter “Calendly”).
To book an appointment, enter the requested data and the desired date in the mask provided. The data entered will be used for planning, implementing and, if necessary, following up on the appointment. The appointment data is stored for us on Calendly's servers, whose privacy policy you can view here: https://calendly.com/privacy.
The data you enter will remain with us until you request us to delete it, revoke your consent to storage or the purpose for data storage no longer applies. Mandatory legal provisions – in particular retention periods – remain unaffected.
The legal basis for data processing is Article 6 (1) (f) GDPR. The website operator has a legitimate interest in making appointments with interested parties and customers as uncomplicated as possible. If consent has been requested, Art. 6 Para. 1 lit. a GDPR is the legal basis for data processing; consent can be revoked at any time.
Data transfer to the USA is based on the EU Commission's standard contractual clauses.
Details can be found here:
https://calendly.com/pages/dpa.
Data processing
We have concluded an order processing contract (AVV) with the above-mentioned provider. This is a contract required by data protection law, which ensures that the personal data of our website visitors is only processed according to our instructions and in compliance with the GDPR.
Hotjar
This website uses Hotjar. The provider is Hotjar Ltd., Level 2, St Julians Business Center, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe (website: https://www.hotjar.com).
Hotjar is a tool for analyzing your user behavior on this website. With Hotjar we can record your mouse and scroll movements and clicks. Hotjar can also determine how long you have remained at a specific point with the mouse pointer. From this information, Hotjar creates so-called heatmaps, which can be used to determine which website areas are preferred by website visitors.
We can also determine how long you have stayed on a page and when you left it. We can also determine at which point you have canceled your entries in a contact form (so-called conversion funnels).
In addition, Hotjar can be used to obtain direct feedback from website visitors. This function serves to improve the website operator's web offerings.
Hotjar uses technologies that enable user recognition for the purpose of analyzing user behavior (e.g. cookies or use of device fingerprinting).
This analysis tool is used on the basis of Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing takes place exclusively on the basis of Art. 6 Para. 1 lit. a GDPR; the consent can be withdrawn at any time.
Disable Hotjar
If you would like to deactivate data collection by Hotjar, click on the following link and follow the instructions there: https://www.hotjar.com/opt-out
Please note that deactivating Hotjar must be done separately for each browser or device.
For more information about Hotjar and the data collected, please see Hotjar's privacy policy at the following link: https://www.hotjar.com/privacy
Data processing
We have concluded an order processing contract (AVV) with the above-mentioned provider. This is a contract required by data protection law, which ensures that the personal data of our website visitors is only processed according to our instructions and in compliance with the GDPR.
11. ADVERTISING PARTNERS
We work with advertising partners to make the online offerings on our site even more interesting for you. For this purpose, when you visit our site, the cookies mentioned above under point 5 are also set by our advertising partners (so-called third-party cookies). Our advertising partners' cookies also store information using pseudonyms about your user behavior and interests when you visit our site. In some cases, information is also collected that was found on other sites before you visited our site. This information will be used to show you interest-based advertisements from our advertising partners. No personal data is stored and no usage profiles are combined with personal data about you.
You can prevent interest-based advertising from our advertising partners by setting the appropriate cookie settings in your browser.
Google AdSense
We use Google AdSense on our website based on your consent given in the cookie banner in accordance with Art. 6 Para. 1 Sentence 1 a) GDPR. Google AdSense is a service provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043 USA, for integrating advertisements. Google AdSense uses cookies, which are text files that are stored on your computer and enable the use of our website to be analyzed. Google AdSense also uses so-called web beacons. These web beacons enable Google to evaluate information such as the flow of visitors to our site. In addition to your IP address and the recording of the advertising formats displayed, this information is transmitted to Google in the USA, stored there and can be passed on by Google to contractual partners. However, Google does not combine your IP address with other data stored about you. You can prevent the installation of cookies by setting your browser accordingly; However, we would like to point out that in this case you may not be able to fully use all of the functions of our website. You can object to the use of your information here at any time.
You can find more information at: https://policies.google.com/privacy?hl=de
Google Ads (Adwords)
Our website uses the service based on your consent given in the cookie banner in accordance with Art. 6 Para. 1 Sentence 1 a) GDPR Google Ads. Google AdWords is an online advertising program from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (website: https://marketingplatform.google. com; privacy policy: https://policies.google.com/privacy).
On the one hand, we use the remarketing function (“similar target groups”) within the Google Ads service. With the remarketing function, we can present users of our website with advertisements based on their interests on other websites within the Google display network (on Google itself, so-called “Google Ads” or on other websites). For this purpose, the interaction of users on our website is analyzed, for example which offers the user was interested in, in order to be able to show users targeted advertising on other pages even after they have visited our website. For this purpose, Google stores a number in the browsers of users who visit certain Google services or websites in the Google display network. This number, known as a “cookie”, is used to record the visits of these users. This number is used to uniquely identify a web browser on a specific computer and not to identify a person; personal data is not stored.
We also measure the conversion of the ads. However, we only know the anonymous total number of users who clicked on our ad and were redirected to a page with a so-called “conversion tracking tag”. However, we ourselves do not receive any information that can be used to identify users.
The legal basis for this data processing is Article 6 Paragraph 1 f) GDPR.
You can deactivate Google's use of cookies by following the link below and downloading and installing the plug-in provided there: www.google.com/settings/ads/plugin.
You can find further information about Google Remarketing and Google’s privacy policy at: www.google.com/privacy/ads/.
12. INTEGRATION OF THIRD PARTY SERVICES AND CONTENT
As part of our website, we use data on the basis of consent in accordance with Article 6 Paragraph 1 Sentence 1 a) GDPR or, if consent is not available in an individual case and is not legally required, on the basis of our legitimate interests (i.e. interest in evaluating use our website and improving the operation of our website within the meaning of Article 6 Paragraph 1 Sentence 1 f) GDPR) Offers from third-party providers to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as “content”) .
This may require the respective third party providers to recognize your IP address, as without the IP address they would not be able to send the content to your browser. The IP address is therefore required for the delivery and display of this content. Third-party providers may also use so-called “pixel tags” (invisible graphic files, also called “web beacons”) for statistical or marketing purposes. The “pixel tags” can be used to analyze usage behavior on this website. The pseudonymous information can be stored in cookies on your device and may contain, for example, technical information about visiting times, the browser and operating system, the website previously visited and other information about the use of our website. There is no link with similar information from other sources.
If you do not want pixel tags to record your usage behavior, you can object to data collection at any time by sending us a message (see sections 1 or 2).
Google Maps
We may include maps from the Google Maps service provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA, provided you have given your consent to this as part of the cookie query. The legal basis is therefore your consent in accordance with Article 6 Paragraph 1 Sentence 1 a) GDPR. The data processed may include, in particular, users' IP addresses and location data, which, however, are not collected without their consent (usually carried out as part of the settings on their mobile devices). The data can be processed in the USA. You can find its data protection information at: https://www.google.com/policies/privacy/. You can opt out using this link: https://adssettings.google.com/authenticated.
YouTube
Based on the consent you may have given with the cookie notice, we may include videos from the “YouTube” platform of the provider Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. You can find its data protection information at: https://www.google.com/policies/privacy/
The legal basis for processing is your consent in accordance with Article 6 Paragraph 1 Sentence 1 a) GDPR. You can opt out using this link: https://adssettings.google.com/authenticated or by adjusting the cookie settings.
Google Translate (Google Translate)
We integrate the so-called Google Translate based on the consent you may have given with the cookie notice in order to be able to offer our website in different languages. The legal basis for processing is your consent in accordance with Article 6 Paragraph 1 Sentence 1 a) GDPR. The service is provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. You can find its data protection information at: https://www.google.com/policies/privacy/. You can opt out using this link: https://adssettings.google.com/authenticated or by adjusting the cookie settings.
13. SHARING OF DATA; PROCESSING IN THIRD COUNTRIES
If we process data in a third country (i.e. outside the European Union (EU) or the European Economic Area (EEA)) or the processing is carried out in the context of using third-party services or disclosing or transmitting data to other people, bodies or company, this only takes place in accordance with the legal requirements.
Subject to express consent or contractually or legally required transfer, we only process or have the data processed in third countries with a recognized level of data protection, contractual obligations through so-called standard protection clauses of the EU Commission, if certifications or binding internal data protection regulations exist (Articles 44 to 49 GDPR) .
The data collected as part of the aforementioned Google products may be stored and processed by Google, among other places, in the USA. We have no influence on further data processing by Google. For data transfer to a third country, i.e. a country outside the EU or EEA, appropriate guarantees to protect your personal data are generally required. After the European Court of Justice invalidated Commission Implementing Decision (EU) 2016/1250 of July 12, 2016 on the adequacy of the protection provided by the EU-US Privacy Shield, the EU-US Privacy Shield can no longer be used as a guarantee of an adequate level of protection in the USA according to EU standards. Therefore, there is currently no level of data protection in the USA that is equivalent to that of the EU within the meaning of Art. 45 GDPR and we cannot provide suitable guarantees in accordance with Art. 46 GDPR to compensate for this deficit. Therefore, data transfer to the USA is only permitted with your express consent in accordance with Article 49 Para. 1 a) GDPR, which you give with the cookie notice by selecting optional cookie categories or cookies (detailed view). can. Possible risks of this data transfer are that access by government authorities, such as security authorities and/or intelligence services, cannot be excluded and your data may be used by them, possibly without you being informed separately and without enforceable rights and effective legal remedies being available to you. may be processed for national security, law enforcement, or other purposes in the U.S. public interest.
Furthermore, we only pass on your data to third parties if:
• you have expressly given your consent in accordance with Art. 6 Para. 1 Sentence 1 a) GDPR,
• the disclosure in accordance with Art. 6 Paragraph 1 Sentence 1 f) GDPR is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data,
• there is a legal obligation for the transfer in accordance with Art. 6 Para. 1 Sentence 1 c) GDPR or
• this is legally permissible and necessary for the processing of contractual relationships with you in accordance with Art. 6 Para. 1 Sentence 1 b) GDPR.
The data will only be passed on to tax offices and social security institutions if there is a legal obligation to do so; The legal basis is Article 6 Paragraph 1 Sentence 1 c) GDPR. The data will only be passed on to service providers on the basis of a proper order processing agreement in accordance with Art. 28 GDPR.
14. APPLICANT DATA
We process the personal data of applicants for the purpose of processing the application process. Processing can also take place electronically. This is particularly the case if an applicant submits relevant application documents to us electronically, for example by email. If an employment contract is concluded with an applicant, the data transmitted will be stored for the purpose of processing the employment relationship in compliance with legal regulations. If no employment contract is concluded, the application documents will be automatically deleted six months after the rejection decision has been announced, provided that deletion does not conflict with any other legitimate interests of the person responsible.
15. CHANGES
The person responsible reserves the right to adapt security and data protection measures if this becomes necessary due to technical or legal developments. In these cases, the person responsible will also adapt these data protection information accordingly. Please therefore note the current version of our data protection information.
16. GOOGLE FONTS (local hosting)
This site uses so-called Google Fonts, which are provided by Google, for the uniform display of fonts. The Google Fonts are installed locally. There is no connection to Google servers.
For more information on Google Fonts, please follow this link:
https://developers.google.com/fonts/faq und in der Datenschutzerklärung von Google:
https://policies.google.com/privacy?hl=de.
17. DEFINITIONS
For a better understanding, we would like to provide you with the definitions of the GDPR here, insofar as they are relevant to our data protection information.
| Supervisory authority | “Supervisory authority” is an independent government body established by a member state in accordance with Article 51 of the GDPR. |
| processors | The processor is a natural or legal person, public authority, agency or other body that processes personal data on behalf of the responsible party. |
| third | A third party is a natural or legal person, public authority, agency or institution other than the data subject, the controller, the processor and the persons authorized under the direct responsibility of the controller or the processor to process the personal data. |
| Restriction of processing | Restriction of processing is the marking of stored personal data with the aim of restricting their future processing (in the sense of blocking) |
| consent | Consent is any voluntarily given and unambiguously expressed in the form of a statement or other unambiguous confirmatory act by the data subject for the particular case, by which the data subject indicates that they consent to the processing of the personal data concerning him / her is. |
| Recipients | Recipient is a natural or legal person, agency, institution or other entity to whom Personal Data is disclosed, whether or not it is a third party. However, authorities which may receive personal data under Union or national law in connection with a particular mission are not considered as beneficiaries. |
| Personal data | Personal data is any information relating to an identified or identifiable natural person (hereinafter the "data subject"). A natural person is considered to be identifiable who, directly or indirectly, in particular by association with an identifier such as a name, an identification number, location data, an online identifier or one or more special features, expresses the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person can be identified. Personal data is, in simple terms, individual information about the personal or factual circumstances of a specific or identifiable natural person, ie not legal entities such as a GmbH. Personal data primarily includes information such as name, address, email address and also the IP address. |
| Profiling | Profiling is any kind of automated processing of personal data that consists in using that personal information to evaluate certain personal aspects relating to a natural person, in particular aspects regarding analysing or predicting job performance, economic situation, health, personal preferences, interests, reliability, behavior, whereabouts or relocation of that natural person. |
| pseudonymization | Pseudonymisation is the processing of personal data in such a way that personal data can no longer be attributed to a specific data subject without the need for additional information, provided that such additional information is kept separate and subject to technical and organizational measures to ensure that the personal data not assigned to an identified or identifiable natural person. |
| Controller | The controller is the natural or legal person, authority, institution or other body that alone or jointly with others decides on the purposes and means of processing personal data. If the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law. |
| application | Processing means any process or series of operations related to personal data, such as collecting, recording, organizing, arranging, storing, adapting or modifying, reading, querying, using, with or without the aid of automated procedures; disclosure by submission, dissemination or other form of provision, reconciliation or association, restriction, erasure or destruction. |
