1. Information on the collection of personal data
(1) In the following we inform you about the collection of personal data when using our website. Personal data is all data that can be related to you personally, e.g. name, address, e-mail addresses, user behaviour.
(2) The responsible party pursuant to Art. 4 (7) of the Basic Data Protection Regulation (DSGVO) is:
medienmonster GmbH
Holtenauer Str. 231 | 24106 Kiel
T: +49 431 540 2889 10
info (at) medienmonster (dot) com
(3) When you contact us, the data you provide (your e-mail address, name and telephone number, if applicable) will be stored by us in order to answer your questions. We delete the data accruing in this context after the storage is no longer necessary or restrict the processing if there are statutory retention obligations. The processing of this data is based on Art. 6 (1) lit. b) DSGVO if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the requests addressed to us (Art. 6 (1) f) DSGVO) or on your consent (Art. 6 (1) a) DSGVO) if this has been requested.
(4) If we use commissioned service providers for individual functions of our offer or use your data for further purposes, we will inform you and provide detailed information about the respective processes.
2. your rights
(1) You have the following rights in relation to personal data relating to you:
- Right to information,
- Right to rectification or deletion,
- right to restriction of processing,
- right to object to processing,
- the right to withdraw consent to processing,
- right to data portability.
(2) You also have the right to complain to a data protection supervisory authority (see below) about the processing of your personal data.
3. Collection of personal data when visiting our website
(1) In the case of mere informational use of the website, i.e. if you do not register or otherwise transmit information to us, we ourselves only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure its stability and security:
- IP address
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (specific page)
- Access status/HTTP status code
- Amount of data transferred
- Website from which the request came
- browser
- Operating system and its interface
- Language and version of the browser software.
The storage period is 14 days. The legal basis is Art. 6 para. 1 f) DSGVO; our legitimate interest is to ensure the stability and security of our systems.
(2) In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive associated with the browser you are using and through which certain information flows to the body that sets the cookie.
(3) This website uses the following types of cookies, the scope and functionality of which are explained below: Transient cookies are automatically deleted when you close the browser. These include, in particular, session cookies. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. The session cookies are deleted when you log out or close the browser. The colour selection cookies remain stored until revoked.
4. integration of services and social media
We use websites in social networks to communicate with customers, interested parties and users active there and to be able to inform them about us. It is possible that user data may also be processed outside the European Union. The USA has been assessed by the European Court of Justice as a country with an insufficient level of data protection according to EU standards. This could result in risks for users because, for example, it may be more difficult to enforce their rights. Furthermore, user data may be processed for analysis purposes. In this way, profiles can be created from the user behaviour and the interests of the users derived from it. These profiles can be used, for example, to place advertisements within and outside the platforms that are likely to correspond to the interests of the users. For these purposes, cookies may be stored on the users' computers, through which the usage behaviour, the interests of the users and/or also the length of stay are stored. In the case of requests for information and the assertion of user rights, we point out that these can be asserted most effectively with the respective providers. Only the providers have access to the relevant user data and can directly take appropriate measures and provide concrete information. For a detailed description of the respective processing, we refer to the following information on the respective providers.
A link to the social network Facebook, provider Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, is integrated on our pages. We use Facebook to provide information about our company and to announce news as well as current projects and campaigns. Detailed information on how facebook handles personal data can be found in the privacy policy: https://de-de.facebook.com/policy.php. If you do not want Facebook to be able to assign your visit to our pages to your Facebook user account, please log out of your Facebook user account beforehand. For information on the internal processing of INSIGHTS at Facebook, please refer to the regulations at https://www.facebook.com/legal/terms/page_controller_addendum.
These are briefly summarised below:
Data subject rights can be asserted with Facebook Ireland as well as with us, but the primary responsibility under the GDPR for the processing of Insights data lies with Facebook. We do not make any decisions regarding the processing of insights data and all other information resulting from Art. 13 GDPR, including legal basis, identity of the controller and storage period of cookies on user devices. Facebook complies with all obligations under the GDPR with regard to the processing of Insights Data. Facebook Ireland provides the essentials of the Page Insights Supplement to data subjects.
Data processing during direct visits to our Facebook presence
In this section, we provide you with more detailed information on the processing of personal data when using our Facebook and Instagram services. Facebook Ireland Ltd. processes personal data when using Facebook products - including when visiting the Instagram pages - even from persons who are not logged into any of the Facebook services. Which (personal) data this is in detail, how, for which purposes and on which legal basis it is processed, is described by Facebook in its data policy (https://www.facebook.com/about/privacy/update), which applies to all Facebook products. There you will also find information on how to contact Facebook as well as on the settings options for advertisements, cookies, etc. We process personal data ourselves via our Facebook account (see below under 2.), at the same time data processing takes place by Facebook (see under 1.). Facebook and our company are "joint controllers" within the meaning of Art. 26 DSGVO.
1. data processed by Facebook
For the internal processing INSIGHTS at Facebook, please refer to the regulations at https://www.facebook.com/legal/terms/page_controller_addendum. Data subject rights can be asserted with Facebook Ireland as well as with us, but the primary responsibility under the GDPR for the processing of Insights data lies with Facebook. We do not make any decisions regarding the processing of Insights Data and any other information arising from Article 13 of the GDPR, including the legal basis, the identity of the controller and the storage period of cookies on user devices.
2. data processed by us
We may use Page Insights to anonymously evaluate reach, page views, time spent on video posts, actions (likes, comments, sharing posts) and by age, gender and location (as indicated by users in their respective Facebook or Instagram profiles). In doing so, settings can be made for the evaluation of the reach or corresponding filters can be set with regard to the selection of a time period, the viewing of a specific post as well as demographic groupings (e.g. female, 20-30 years old). This data is anonymised, aggregated and abstracted. These settings therefore do not allow us to draw any conclusions about individuals. The evaluation serves to optimally design the offer on the Facebook and Instagram pages for the purpose of public relations. Furthermore, it is possible for you to interact with us via our account. For example, by marking posts with "Like", sharing or commenting on them, or by writing to us directly. In these cases, there is inevitably data processing by us, as you make your account visible to us and we gain access to your personal data. This is, among other things, your username, your profile picture, the date and time of the interaction. The legal basis of the processing in this case is Art. 6 para. 1 p.1 b DSGVO. We use your data to fulfil the interaction you have requested.
Instagram
We have integrated a link of the social network Instagram on our pages. The provider of the Instagram service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. Instagram is used by us to provide information about our company and to publicise news as well as current projects and campaigns. For details on how they handle your personal data, please refer to Instagram's privacy policy: https://help.instagram.com/519522125107875/?helpref=hc_fnav&bc
LinkedIn
We have integrated a link to the networking platform LinkedIn on our pages. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies. LinkedIn is used by us to provide information about our company. For details on the handling of personal data, please refer to LinkedIn's privacy policy: https://www.linkedin.com/legal/privacy-policy.
Matomo
This website uses Matomo (formerly Piwik), an open source software for statistical analysis of user access. No cookies are set. If you have given us your consent on the notice banner, we can use so-called "device fingerprinting" to track certain user behaviour. Device fingerprinting refers to technologies (usually not recognisable by the user) that can read and combine specific information from the end device used (such as the device type, device performance, operating system, log-ins, etc.) in such a way that a unique "device fingerprint" is created, which makes it possible to recognise this device and thus also actions carried out via it across all pages. The IP address is anonymised immediately after processing and before storage. The legal basis is Art. 6 para. 1 p. 1 a) DSGVO. You give us your consent, if necessary, by agreeing to this on the cookie notice banner.
6. Automated decision making
Automated decision making is not used here.
7. liability for contents
The contents of our pages have been created with the greatest care. However, we cannot assume any liability for the correctness, completeness and up-to-dateness of the contents. As a service provider, we are responsible for our own content on these pages in accordance with general legislation pursuant to Section 7 Paragraph 1 of the German Telemedia Act (TMG). However, according to §§ 8 to 10 TMG, we are not obliged as a service provider to monitor transmitted or stored third-party information or to investigate circumstances that indicate illegal activity. Obligations to remove or block the use of information in accordance with general laws remain unaffected by this. However, liability in this regard is only possible from the point in time at which a concrete infringement of the law becomes known. If we become aware of any such infringements, we will remove the relevant content immediately.
8. Liability for links
Our pages may contain links to external websites of third parties over whose content we have no influence. Therefore, we cannot assume any liability for these external contents. The respective provider or operator of the pages is always responsible for the content of the linked pages. The linked pages were checked for possible legal violations at the time of linking. Illegal contents were not recognisable at the time of linking. However, permanent monitoring of the content of the linked pages is not reasonable without concrete indications of a legal violation. If we become aware of any infringements of the law, we will remove such links immediately.
9. Applications
The data controller collects and processes the personal data of applicants for the purpose of handling the application procedure. This data is processed on the basis of Section 26 (1) sentence 1 BDSG (decision on the establishment of an employment relationship). If the data controller does not conclude an employment contract with the applicant, the application documents are automatically deleted five months after receipt of the application, provided that no other legitimate interests of the data controller oppose deletion. Other legitimate interest according to Art. 6 (1) f) DSGVO could, for example, constitute a duty to provide evidence in proceedings under the General Equal Treatment Act (AGG).
10. Data security
We secure our website and other systems through appropriate technical and organisational measures against loss, destruction, access, modification or distribution of your data by unauthorised persons. However, despite regular checks, complete protection against all dangers is not possible. Our website uses the industry standard SSL/TLS (Secure Sockets Layer) for encryption. This ensures the confidentiality of your personal information over the Internet. You can tell whether encrypted transmission is taking place by the closed key/lock symbol in your browser display. We would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of data against access by third parties is technically not possible.
11. passing on of data
Your personal data will only be passed on to third parties,
- if you have given your express consent to this in accordance with Art. 6 Para. 1 a) DSGVO;
- if the transfer is necessary for the fulfilment of contractual obligations in accordance with Art. 6 Para. 1 b) DSGVO;
- if we are legally obliged to pass on the data in accordance with Art. 6 Para. 1 c) DSGVO;
- if the disclosure of the data is in the public interest as defined in Art. 6 Para. 1 e) DSGVO or;
- if the disclosure of the data is necessary to protect our legitimate interests or the legitimate interests of a third party pursuant to Art. 6 (1) f) DSGVO, unless your interests in the protection of your data prevail.
12. Categories of recipients
Order processors
We use IT service providers who work exclusively on our behalf and are bound by instructions (order processing) to provide the service offered, e.g. hosting this website or operating our IT. These have been carefully selected and commissioned by us, are bound by our instructions and are regularly monitored.
Third party recipients
In order to process your requests satisfactorily, we may need to pass on your personal data to third party recipients. Third party recipients may include our suppliers, transport and logistics partners and our trading partners.
13. Duration of storage of personal data
We store your data for as long as it is needed for the respective purposes on which the processing is based. Beyond that, we only store data insofar as we are legally obliged to do so, e.g. due to statutory retention obligations.
14. Detailed information on the right of objection
An objection to the processing of personal data concerning you, based on Article 6 (1) e) (data processing in the public interest) or f) (data processing for the protection of legitimate interests based on a balance of interests) is possible at any time in accordance with Article 21 DS-GVO. In the event of an objection, the personal data will no longer be processed unless compelling legitimate grounds for the processing are demonstrated which override the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims. Please address your objection to the responsible body mentioned under point 1.
15. Detailed information on the right of withdrawal
If you have given us your consent to the processing of personal data, you may revoke this consent at any time. Of course, this also applies to declarations of consent given to us before 25 May 2018 (before the applicability of the GDPR). The revocation of consent can only be valid for the future. The lawfulness of the processing is not retroactively eliminated by a revocation. Please address your revocation to the responsible body mentioned under point 1.
16. Up-to-dateness
This data protection declaration is valid as of 20.06.2021. It is the current and valid version of our data protection declaration. However, we would like to point out that a revision of this data protection declaration may become necessary from time to time due to actual or legal changes.
17. Supervisory authority
The address of the supervisory authority responsible for us is:
Independent Centre for Data Protection Schleswig-Holstein
Holstenstraße 98 | 24103 Kiel
Phone: +49 431 988-1200, Fax: +49 431 988-1223
E-mail: mail (at) datenschutzzentrum (punkt) de
18. Data protection officer
If you have any data protection questions, you are welcome to contact our data protection officer:
Manuel Langeheinecke
dsgvoNORD GmbH
Marga-Faulstich-Str. 8 | 24145 Kiel
Telephone: 0431 301400600