Data protection information msm.digital

1. Name and contact data of the person responsible for the processing and the company data protection officer

This data protection information applies to the data processing by:

MSM Digital Group GmbH
represented by the Managing Directors and graduate engineers (FH) Markus Ernst Oeller and Torsten Oppermann
Willy-Brandt-Allee 31d, 23554 Lübeck

Telephone: +49 (451) 160 83 500
Fax: +49 (451) 30 50 988
Mail: info@msm.digital

The MSM Digital Group GmbH company data protection officer can be contacted under the above address, for the attention of Mrs Kerstin Beiße, respectively under dataprotection@msm.digital.

2. Collecting and storing personal data plus nature and purpose of its use

a) When visiting the website

When you open our website www.msm.digital, the browser used on your device automatically sends information to our website’s server. This information is stored temporarily in a so-called “logfile”. The following information is collected, without you having to do anything, and stored until it is erased automatically after one week.

  • IP address of the accessing computer,
  • The date and time of access,
  • the name and the URL of the file retrieved,
  • Website from which access was made (referrer-URL),
  • Browser used and possibly your computer’s operating system as well as the name of your access provider.

We will process the data stated for the following purposes:

  • To guarantee a smooth connection with the website,
  • to ensure that our website is convenient to use,
  • To evaluate system security and stability, as well as
  • for other administrative purposes.

The legal basis for data processing is Article 6 para. 1 S. 1 lit. f GDPR. Our legitimate interest arises from the purposes of data collection stated above. Under no circumstances will we use the data collected for the purpose of drawing conclusions about your person.

Furthermore when you visit our website we use cookies and analytical services. You can find more information on this under items 4 and 5 of this data protection information.

b) When using our contact form

For all kinds of queries we offer you the possibility of contacting us by telephone or via a contact form provided on the website. When doing so a valid email address must be specified so that we know who is submitting the query to be able to answer it. Other information can be provided voluntarily.

The data processing for the purpose of making contact with us takes place in accordance with Article 6 para. 1 S. 1 lit. a GDPR on the basis of your voluntarily granted consent respectively, inasmuch that you have expressed a specific interest in a contract, on the basis of Article 6 para. 1 lit. b GDPR for the performance of pre-contractual measures.

The personal data collected by us for the use of the contact form is automatically erased after your query has been finally processed.

3. Disclosure of data

A transfer of your personal data to third parties shall not take place for purposes other than those listed below. We shall only share your personal data with third parties if:

  • you have given explicit consent for this in accordance with Article 6 para. 1 S. 1 lit. a GDPR,
  • the disclosure pursuant to Article 6 para. 1 S. 1 lit. f GDPR is required for establishment, exercise or defence of legal claims and there are no grounds to accept that you have an overriding interest in non-disclosure of your data,
  • a legal obligation exists for the transfer pursuant to Article 6 para. 1 S. 1 lit. c GDPR as well as
  • this is legally permissible and is required pursuant to Article 6 para. 1 S. 1 lit. b GDPR for the concluding of a contractual relationship with you.

4. Cookies

We use cookies on our website. These are small files which your browser creates automatically and stores on your device (laptop, tablet, smartphone or similar) when you visit our website. Cookies do not damage your device in any way, nor do they contain any viruses, trojans or other damaging software. Information is stored in the cookie which is associated with the specific device used. However, this does not mean that we receive direct information about your identity. On the one hand, using cookies means that use of our website will be more pleasant for you. Accordingly, we use so-called “session cookies” to identify that you have already visited individual pages on our website. These are erased automatically when you leave our website.

In addition, we use temporary cookies to help optimise user friendliness, which are always stored on your device for a period of one year. If you revisit our website to make use of our services, the system will automatically recognise that you have already visited us, and which input and settings you activated, so that you do not have to enter these again.

We also use cookies to statistically record the use of our website, and so that we can evaluate this to help optimise our services for you (see point 5). These cookies allow us to identify that you have already visited us when you revisit our website. These cookies are always erased one year after your last visit, Google-Cookies, however, (see point 5) only after two years.

The data processed by cookies are required for the purposes stated to preserve our legitimate interests and those of third parties in accordance with Article 6 para. 1 S. 1 lit. f GDPR. Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are saved on your computer, or that a warning always appears before a new cookie is placed. Full deactivation of cookies, however, can mean that you may not be able to use all the functions of our website.

5. Analysis tools

The following tracking tools used by us are utilised in accordance with Article 6 para. 1 S. 1 lit. f GDPR. With the tracking measures used we aim to ensure appropriate design and ongoing optimisation of our website. We also use the tracking measures to statistically record the use of our website, and so that we can evaluate this to help optimise our services for you. These interests are legitimate within the meaning of the directive above.

We use Google Analytics, a web analysis service from Google LLC (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; in the following “Google“) for the appropriate design and ongoing optimisation or our website. With regard to this, pseudonymised usage profiles and cookies (see point 4) are used. The information about your use of this website created by the cookie such as

  • browser type/version,
  • operating system used,
  • referrer URL code (previously visited site),
  • host name of the accessing computer (IP address),
  • and time of the server query

are transferred to a Google server in the USA and stored there. This information is used to evaluate the use of the website in order to generate reports on website activity and to provide further services relating to website use and internet use for the purposes of market research and to enable these web pages to be developed in line with requirements. This information may be passed on to third parties in so far as is prescribed by law or where third parties are processing the data on behalf of Google. Your IP address will never be merged with any other Google data. The IP addresses are anonymised, so that allocation is not possible (IP masking).

You can prevent the storage of cookies by using the appropriate setting on the browser software; however, we would point out that if this is done, it may not be possible to use all functions of this website to their full extent.

In addition, you can prevent collection of the data on your use of the website (including your IP address) generated by the cookie, and also prevent the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de).

For further information with regard to data protection associated with Google Analytics, please refer to Google Analytics help: https://support.google.com/analytics/answer/6004245?hl=de.

6. Social media

On our website we use, on the basis of Article 6 para. 1 S. 1 lit. f GDPR social plugins from the social networks Facebook, LinkedIn and XING in order to make ourselves better known and to offer you a variety of communication channels. The purpose behind this corresponds to our legitimate interest, Article 6 para.1 lit. f GDPR. The relevant provider must guarantee responsibility for operation of the social networks that conforms to data protection regulations.

Incorporating this plugin by the provider takes place as part of the “two-click method”, in order to give you the best possible protection. This means that, when a user visits our website, initially no personal data whatsoever is transmitted to the provider of the plugins. You can recognise the provider of the plugins by the marking on the field above the first letters of his name or by the respective logo (e.g. for Facebook: white “f” on blue tile or a “Thumbs up”-sign). We offer you the possibility of communicating directly with the provider of the plugin via the button. Only when you click on the marked field and, as a result, activate it, does the plugin provider receive the information that a user has opened the corresponding website for our online offerings. Furthermore, personal data is then transmitted to the provider of the respective plugin (in particular the IP address). In the case of Facebook and Xing, according to the respective providers in Germany, the IP address is anonymised immediately after being recorded. As a result of the plugin being activated the user’s personal data is transmitted to the respective plugin provider and stored there (in the case of US American providers in the USA). Since the plugin provider performs his data collection, in particular, via cookies, we recommend that, before clicking on the greyed-out field, you delete all cookies using your browser’s security settings.

We have no influence over the collected data and data processing activities, nor are we aware of the full extent of data collection, the purpose of the processing or the storage periods at the plugin providers. We also have no information for the erasure of the data collected by the plugin provider.

The respective plug-in provider stores the data collected on the users of our online offerings and uses them for the purpose of advertising, market research and/or needs based design of its own website. Such an evaluation is carried out in particular (also for non-logged in users) for the presentation of needs based advertising and to inform other users of the social network about the activities of the users on our website. Users have the right to object to the creation of these user profiles, whereby a user must contact the respective plug-in provider to exercise this right. By means of the plug-ins we offer you, independent of this, the opportunity to interact with the social networks and other users, so that we can improve our offer and make it more interesting for our users.

The dissemination of data takes place regardless of whether the user has an account with the plugin provider or is logged in there. If you are logged in at the plugin provider your data, collected by us, is assigned directly to your existing account with the plugin provider. If you press the activated button and, for example, link the page, the plugin provider stores this information on the appropriate user account and publicly informs your contacts. We therefore recommend that, after using a social network, to regularly log off, especially before activating the button, in this way an assignment to the profile at the plugin provider can be avoided.

More information regarding the purpose and scope of the data collection and its processing by the plugin providers, can be found in the privacy policies of these providers provided below. There one can find more information on the users’ rights and the setting possibilities for the protection of privacy within these networks.

a) Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php; further information on data collection: http://www.facebook.com/help/186325668085084, http://www.facebook.com/about/privacy/your-info-on-other#applications and http://www.facebook.com/about/privacy/your-info#everyoneinfo. Facebook has submitted itself to the EU-US Privacy Shield https://www.privacyshield.gov/EU-US-Framework

b) Xing AG, Gänsemarkt 43, 20354 Hamburg, DE; http://www.xing.com/privacy.

c) LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; http://www.linkedin.com/legal/privacy-policy. Linkedin submitted itself to the EU-US Privacy Shield https://www.privacyshield.gov/EU-US-Framework

7. Google Maps

We use Google Maps API, a map service from Google (see item 5) to display an interactive map. This is done on the basis of our legitimate interest in user-friendly design of our online offerings, namely to be able to show you our locations on a map created by Google, Article 6 para. lit. f GDPR.

By visiting our website, Google receives the information that you have accessed the corresponding sub-page. Furthermore information on the use of our website (including your IP Address) is transmitted to a Google server in the USA and stored there. This takes place regardless of whether Google provides a user account that you are logged into, or if no user account exists. If you are logged into Google, your data will be assigned directly to your account when you visit our website.

If you do not wish the association with your profile on Google, you must log out prior to visiting our website. Google stores your data as usage profiles and uses them for purposes of advertising, market research and/or needs based design of its own offerings. Such an evaluation is carried out in particular (also for non-logged in users) for the presentation of needs based advertising and to inform other users of Google about your activities on our website. You have a right to object to the creation of these user profiles, whereby you must contact Google to exercise such rights.

You can disable the Google Maps service in a very simple manner and thus prevent the data transfer to Google. For this you only need to deactivate JavaScript in the browser you are using. We point out, however, that in this case you will not be able to use the map display.

You can find further information about purpose and extent of the data collection and their processing by Google in the Google data protection declaration. There you will also find further information regarding your specific rights and possibilities for adjustments to protect your privacy sphere: http://www.google.de/intl/de/policies/privacy.).

Google also processes your personal data in the US and has submitted itself to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

8. Rights of data subjects

You have the right,

  • pursuant to Article 15 GDPR, to request information about your personal data processed by us. In particular, you can request information about the purpose of processing, the category of the personal data, the categories of recipients, to whom your data were or will be disclosed, the envisaged period of storage, the existence of a right to rectification, erasure, restriction of processing or objection, existence of the right to lodge a complaint, the origin of your data insofar as they were not collected by us, as well as the existence of automated decision making including profiling and if required, meaningful information relating to the details of this.

We may only refuse to give you information, if and inasmuch, that the information given would reveal information, that, in accordance with a legal regulation or due to its nature, in particular because of the overwhelming legitimate interest of a third party must be kept secret (§ 29 para. 1 S. 2 BDSG), if the responsible public body has informed us that the publication of the data would jeopardise public safety or order or in any other manner the interests of the republic or of a federal state (§ 34 para. 1 no. 1 BDSG in conjunction with § 33 para. 1 no. 2 lit. b BDSG), or if the data is only stored for legal or statutory reasons and may not be erased, or only serves the purpose of data security or data protection control and the provision of information would involve a disproportionate effort, or if the processing for other purposes using suitable technical and organisational measures is precluded (§ 34 para. 1 no. 2 BDSG).

  • pursuant to Article 16 GDPR, to request immediate rectification of inaccurate data or the completion of your personal data which we have stored;
  • pursuant to Article 17 GDPR, you may request the erasure of the personal data we have stored, where processing is not required for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, for the establishment, exercise or defence of legal claims;
  • pursuant to Article 18 GDPR, to request the restriction of processing, where the accuracy of the personal data is contested by you, the processing is unlawful, however you oppose the erasure of the personal data, and we no longer need the data, however you require them for the establishment, exercise or defence of legal claims, or you have objected to the processing pursuant to Article 21 GDPR.
  • pursuant to Article 20 GDPR, to receive the personal data you made available to us in a structured, commonly used and machine-readable format, or to request it is sent to another controller;
  • pursuant to Article 7 para. 3 GDPR, to withdraw the consent you have given us at any time. As a consequence of this, we may no longer perform the data processing based on this consent in the future,
  • if your personal data is processed based on legitimate interests in accordance with Article 6 para. 1 S. 1 lit. f GDPR, pursuant to Article 21 GDPR to object to the processing of your personal data, provided that there are grounds that relate to your particular situation or where you are objecting to direct marketing. In the latter case, you have a general right to objection, which we will implement without you needing to specify a particular situation.

Furthermore you have a general right to lodge a complaint with the data protection supervisory authorities responsible for you. The supervisory authority responsible for the MSM Digital Group is the “Landesbeauftragte für Datenschutz Schleswig-Holstein” (State officer for data protection Schleswig-Holstein).

If you want to exercise your right to withdraw consent or object, it is adequate if you send an email to dataprotection@msm.digital.

9. Data security

During your visit to our website, we use the widely-used SSL process (Secure Socket Layer), along with the highest current level of encryption supported by your browser. This generally involves 256 Bit encryption. If your browser does not support 256 Bit encryption, we then resort to 128 Bit v3 technology. You can identify whether an individual page on our website is encrypted by the closed image of the key or lock symbol in the lower status bar of your browser.

In addition, we use appropriate technical and organisational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction, or unauthorised access by third parties. Our security measures are continually improved in line with technical developments.

10. Actuality and amendments to this data protection declaration

This data protection information is currently valid and is dated August 2018. As a result of the further development of our website and offers therein or due to changed legal or official requirements, it may be necessary to change this data protection information. You may download and print the relevant current privacy policy from our website at www.msm.digital/data-protection/.