Company: Marketing Factory Consulting GmbH
Street, No.: Marienstraße 14
Postcode, City, Country: 40212 Düsseldorf, Germany
Company registry number: HRB 53971
Managing Directors: Karoline Steinfatt, Christoph Allefeld, Ingo Schmitt
Phone number: +49 211 36 11 76 0
E-mail address: firstname.lastname@example.org
IITR Datenschutz GmbH
Dr. Sebastian Kraska
E-Mail: email@example.com, Phone: 089-18917360
- This privacy statement informs you on the kind, scope and purpose of personal data processing within the scope of our online offering and websites to which our online offering provides hyperlinks, as well as on functions and content (hereinafter jointly referred to as “Online Offering” or “Website”). This privacy statement applies independent of the used domains, systems, platforms or devices (e.g. desktop or mobile devices) to provide or access the Online Offering.
- Regarding the used terms, such as e.g. “personal data” or “processing” of personal data, we refer to the definitions in Article 4 General Data Protection Regulation (GDPR).
- Personal data of users that is processed within the scope of this Online Offering includes user data (e.g. name and address of customers), usage data (e.g. visited Websites of our Online Offering, interest in our services) and content data (e.g. entered data in contact forms).
- The term “user” includes all categories of data subjects that are affected by data processing. This includes our business partners, customers, prospects and other visitors of our Online Offering. The used terms, such as e.g. “user” are to be interpreted in a gender-neutral manner.
- We only process personal user data in compliance with relevant data protection provisions. This means that user data is only processed if the user has provided its consent as required by law. I.e., in particular, that user data is only processed, if the processing of data is necessary or required by law to perform our contractual obligations / services (e.g. order processing) and to provide our online services or if the user has provided his consent, but also, if processing of user data is based on our legitimate interests (i.e. Interest in the analysis, optimization and economic operation and security of our Online Offering in terms of Art. 6 Para 1 lit. f. GDPR, in particular for media coverage measurement purposes, preparation of profiles for advertising and marketing purposes, as well as access data collection and use of third-party services).
- We expressly note that the legal basis for the provision of consent is Art. 6 Para 1 lit. a. and Art. 7 GDPR, that the legal basis for the processing of data to fulfil our service obligations and to perform contractual measures is Art. 6 Para 1 lit. b. GDPR, that the legal basis for the processing of data to meet our legal obligations is Art. 6 Para 1 lit. c. GDPR and that the legal basis for the processing of data to safeguard our legitimate interests is Art. 6 Para 1 lit. f. GDPR.
- We apply organisational, contractual and technical security measures with regard to the state of the art to ensure compliance with data protection law provisions and the protection of the data we process against accidental or intentional manipulations, loss, destruction or access by unauthorised individuals.
- These security measures include, in particular, encrypted data transmission between your Browser and our server.
- Data is only disclosed to third parties to the extent permitted by law. We only disclose user data to third parties, if such disclosure is necessary, e.g., for contractual purposes in accordance with Art. 6 Para 1 lit. b. GDPR or based on our legitimate interests in accordance with Art. 6 Para 1 lit. f. GDPR to operate our business in an economic and effective manner.
- In those case where we engage sub-contractors to provide our services, we take appropriate legal precautions, as well as adequate technical and organisational measures to provide for the protection of personal data in accordance with relevant statutory provisions.
- If within the scope of this privacy statement content, tools or other means of other providers (hereinafter jointly referred to as “third-party providers”) are used and their stated principal place of business is located in a third country, one has to expect that data will be transferred to the countries of the third-party providers’ principal place of business. Third countries are to be understood as countries, where the GDPR is not directly applicable law, i.e. in general any country outside of the EU / European Economic Area. Data is transmitted to third countries, if an appropriate data protection level is implemented or if such data transmission is permitted by law.
5.1. Based on our legitimate interests in terms of Art. 6 Para 1 lit. f. GDPR, we collect data on each access to the server on which our service is located (so-called server log files). This access data includes, name of the accessed website, file name, access date and time, transmitted data volume, successful data transmission message, Browser type and version, the user’s operating system, referrer URL (previously visited page), IP address and requesting provider.
5.2. All log file information is stored for a period of seven days at a maximum for security reasons (e.g. investigation and clarification of abuse or fraudulent acts). After this period, log files are anonymised, so that the identity of website visitors can no longer be concluded from these log files. Data that must be kept for evidence purposes is excepted from anonymisation until the relevant incident is finally solved.
6.1. A cookie is information that is transmitted from our web server or third-party web servers to the users’ web Browsers and stored on the user’s computer to support future visits. Cookies can be small files or other types of information storage.
6.2. We use "Session-Cookies” that are only temporarily stored for the duration of the current visit on our online presence. A randomly created unique identification number is stored in a session cookie, a so-called session ID. A cookie contains, in addition, the information on its origin and the storage period. These cookies cannot store any other data. Session-Cookies will be erased, when you have ended the use of our online offering and e.g. close your Browser.
6.4. If you do not wish that cookies are stored on your computer, please deactivate the respective option in the system settings of your Browser. Stored cookies can be erased using the system settings of the Browser. If storage of cookies is blocked, this may restrict functionality of this online offering.
- Data stored with us are erased as soon as data is no longer needed for their intended purpose and such erasure does not conflict with statutory retention obligations. If user data is not erased, because it is required for other purposes permitted by law, processing of such data is restricted. I.e. such data is locked and will not be used for other purposes. This applies e.g. for user data that must be kept for commercial or tax law reasons.
- In accordance with statutory requirements data is kept for six years according to Section 257 Para 1 HGB [German Commercial Code] (commercial books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting records etc.), as well as for ten years according to Section 147 Para 1 AO [German Tax Code] (books, records, management reports, accounting records, commercial and business letters, tax relevant documents etc.).
- We reserve the right to amend this privacy statement to adapt this privacy statement to changed legal situations or in the case our services or processing of data changes. This applies, however, only in relation to statements regarding data processing. If your consent is required or if components of the privacy statement contain arrangements of the contractual relationship with you, amendments to the privacy statement are only performed with your consent.
- 14.2. We kindly ask you to routinely check the privacy statement’s content.