Privacy at MMSystem Service
Privacy policy
MMSystem Service [eDSB online] supports and advises companies in complying with data protection regulations (Data Protection Regulation DSGVO and the Federal Data Protection Act BDSGneu). We offer expertise in the areas of data protection consulting, data protection training and data protection management. Data protection is our corporate philosophy and our core competence. We are therefore committed to protecting the personal data of our customers to the best of our ability and to complying with the applicable data protection laws. In addition, we work continuously to improve data protection. This privacy statement explains how we process personal data.
Please read the following information on handling personal data carefully.
Responsible party
Who is responsible for data processing and whom can I contact?
MMSystem Service
Neukuchhausen 42
42349 Wuppertal
Tel.: 0202 24 71 802
info@mm-system-service.de
Owner: Marc Mätzig
(Due to the size of the company, there is no obligation to appoint a data protection officer).
Our data protection declaration only applies to websites of MMSystem Service. On servers to which the external links lead, other data protection declarations apply. In order to check these, you should visit the data protection declaration of the respective offer and, if necessary, contact the respective provider directly.
Which terms are important?
"Personal data"
means any information about a known or identifiable natural person ("data subject"). A person is identifiable if he or she can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his or her physical, physiological, mental, economic, cultural or social identity. This therefore includes IP addresses or unique identification numbers stored in cookies.
"Responsible party"
means the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. "Processor" a natural or legal person, public authority, agency or other body that processes personal data on behalf of the Controller.
"processor"
a natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller.
"Processing"
means any operation or set of operations which is performed upon Personal Data, whether or not by automated means, such as collection, recording, organization, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
"Third Country"
means any country outside the European Union or outside the European Economic Area (EU/EEA).
To which processing operations does this Privacy Policy apply?
This Privacy Policy applies to all processing operations directly related to the use of our web presence www.mm-system-service.de and edsbonline.[eu/en/com]. This includes all web pages of our web presence. This data protection declaration also applies to the use of the WhistleOps whistleblower portal and to participation in web-based training (WBT).
What information MMSystem Service stores about you.
MMSystem Service collects, stores, and uses personal data only in the context of initiating, conducting, expanding business relationships, and fulfilling contracts.
MMSystem Service only requires certain personal data. This is information that is necessary to fulfill our contractual obligations, provide services, respond to inquiries, assist with technical / organizational problems, or to contact them upon request.
It is possible that MMSystem Service collects data when you:
- Request a quote for service and/or services,
- order service and/or services,
- submit a support / privacy request to us,
- participate in online video conferences, surveys, audits and trainings.
In this context, it may be necessary for you to provide us with the following information.
provide us with the following information:
Name, address, email address, IP address, phone number, activity, company,
preferences, customer number, service history, bank details and, in the case of requests for information, date of birth.
It is possible that MMSystem Service collects data when you:
request a quote for services,
order services,
submit a support or privacy request to us
participate in online videoconferences, surveys, audits, training, or
use our whistleblower portal.
For what purposes is the data processed?
Order management incl. customer base
Purpose: Processing of orders and purchase orders incl. invoicing.
Admissibility: To fulfill contractual obligations (Article 6 para. 1b DSGVO).
Deletion period: 10 years (legal retention period)
Recipients: Service provider / tax consultant
Objection: no possibility to object.
Provision of the website
Purpose: creation of protocol or log files
Permissibility: Creation of protocol or log files Within the framework of the balancing of interests (Article 6 para. 1f DSGVO).
Deletion period: A session cookie is harmless under data protection law and is deleted again when the browser is closed.
Recipient: Provider / STRATO AG, Pascalstraße 10, 10587 Berlin, Germany.
Objection: no possibility to object
Download: Documents or information material
Purpose:
A) Provision of free information
B) Provision of documents
Permissibility:
A) In the context of balancing interests (Article 6 para. 1f DSGVO).
B) To fulfill contractual obligations (Article 6 para. 1b DSGVO).
Deletion period: After completion of the transfer, the data will be deleted.
Recipient: Provider
Objection: no possibility to object.
E-mail contact
Purpose:
Electronic contact
Answering the inquiry
Permissibility:
In the context of balancing interests (Article 6 para. 1f DSGVO).
For the fulfillment of contractual obligations (Article 6 para. 1b DSGVO)
Deletion period: Immediately after the purpose ceases to apply and if no legal archiving obligations apply, contract-related data 6 years
Recipient: provider / STRATO AG, Pascalstraße 10, 10587 Berlin, Germany.
Objection:
In the case of requests, they can object to the processing for the future.
Within the scope of our contractual relationship, no objection is possible.
Online questionnaires / forms
Purpose: To carry out data protection checks, among other things.
Admissibility: For the fulfillment of contractual obligations (Article 6 para. 1b DSGVO).
Deletion period: Session cookies after closing the browser. Records until the end of the customer status.
Recipients: none
Objection: no possibility to object
Online trainings
Purpose: Administration and execution of trainings
Admissibility: For the fulfillment of contractual obligations (Article 6 para. 1b DSGVO).
Deletion period: Session cookies after closing the browser. After transmission of the participant certificates, the data is deleted.
Recipients: clients and their participants.
Objection: no possibility to object
Whistleblower portal
Purpose: Collection, management and documentation of tips.
Admissibility: For the fulfillment of contractual obligations (Article 6 para. 1b DSGVO).
Deletion period: Session cookies after closing the browser. Documents according to retention period.
Recipients: Client, authorities, possible third parties
Objection: no possibility to object
Payment processing
Purpose: execution of payment processing
Permissibility:
Due to legal requirements (Art.6 para. 1c DSGVO).
To fulfill contractual obligations (Art. 6 para. 1b DSGVO)
Deletion period: 10 years (legal retention period)
Recipient: payment service provider
Objection: no possibility to object
When MMSystem Service shares your personal data.
Your data may be passed on to other departments, employees or contractual partners of MMSystem Service such as service providers, order data processors, tax consultants, shipping partners or financial institutions that provide services for MMSystem Service. MMSystem Service ensures that the information is used only in the course of the services that these persons provide to MMSystem Service and is treated confidentially.
In addition, MMSystem Service will only disclose your personal information as required by applicable law, when required by a court or governmental order, or to ensure that we comply with our legal obligations.
We will not share or sell your personal data (e.g. name, address, phone number) to third parties without your consent.
We do not plan to transfer your data to third countries. A transfer to a third country may come into consideration if you use WhistleOps, if your employees in third countries are to be trained online or if you yourself access the website from a third country. In this case, personal data may be stored on servers in the third country.
How long do we store your data!
Your data will be deleted as soon as the purpose of the data processing has been fulfilled, provided that there are no legal retention obligations to the contrary.
This website uses session cookies.
We use cookies to provide content and applications in a technically secure manner and to analyze our traffic for opt-in marketing of our websites.
What are cookies?
Cookies are small text files that are placed on your computer and stored by your browser. Cookies store certain information (e.g. your preferred language or page settings), which can be sent back to us by your browser when you visit the website again (depending on the lifetime of the cookie).
What cookies do we use?
Required
These cookies are absolutely necessary for the operation of the website and enable, for example, security-related functions. In addition, these cookies allow us to recognize whether you wish to remain logged in to your profile so that we can provide you with our services more quickly when you visit our website again.
PHPSESSID 2badvice-cdn.azureedge.net.
WordPress cookie that determines a unique ID for the current session.
Expiration:Session Provider:www.2b-advice.com
For the basic functions of the website, technically necessary cookies and technical data, without your consent, are used by us. The legal basis for the processing of technically necessary data via or in your terminal device as well as cookies is the European Cookie or ePrivacy Directive in conjunction with the German Telemedia Act (§§ 12 ff. TMG, until 30.11.2021) from 01.12.2021 the Act on the Regulation of Data Protection and Privacy in Telecommunications and Telemedia (§ 25 f. TTDSG).
Our presence in social media
We point out that other data protection guidelines and liability regulations apply to these third-party providers. The storage and use of data by the third-party providers goes beyond the scope of our privacy policy. The further processing in the connected social internet networks, the storage period as well as the purpose of use are determined exclusively by these providers. For more information and the data protection notices of these providers, please refer to the following links:
LinkedIn
Operator of the social network: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
Privacy policy: https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv
Mastodon
Mastodon gGmbH
Mühlenstraße 8a, 14167 Berlin, Germany
Germany
E-mail address: hello@joinmastodon.org
Privacy policy:
https://mastodon.social/privacy-policy
Xing
Operator of the social network: XING SE, Dammtorstraße 30, 20354 Hamburg, Germany, Tel.: +49 40 419 131-0, Fax: +49 40 419 131-11, E-mail: info@xing.com
Privacy policy: https://privacy.xing.com/de/datenschutzerklaerung
What should I be aware of when linking to other websites?
When we provide links to other websites outside our website, we try to link only to websites that share our values. However, you should read the privacy policy of the linked website each time to learn about their information collection practices, such as their use of cookies.
We are not responsible for the content or privacy practices of other websites. When you visit another website, you should carefully read its privacy policy and other policies.
How is personal information protected at our site?
Data is processed at MMSystem Service and for our websites, at our service providers on industry standard (e.g. firewalls, password protection) data centers and computers protected by security technologies. We use appropriate measures and procedures to protect your personal data.
We protect your data through regular internal controls and a modern IT infrastructure. Insofar as we cooperate with order processors for the processing of orders and inquiries, we ensure an equivalent level of protection of your data through binding agreements, prior checks of the respective order processors and controls.
What rights do data subjects (users of our website) have?
You have the right to know what data we have stored about you and for what purpose (information pursuant to Art. 15 DSGVO).
You have the right to request that we correct incorrect data about you (correction pursuant to Art. 16 DSGVO).
You have the right to request that we delete the data if, for example, the data is no longer required for the purposes for which it was stored or if we are not permitted to store the data for other reasons (deletion pursuant to Art. 17 DSGVO). However, if we are legally entitled or even obliged to store the data, we cannot comply with the request for deletion.
You have the right to object to the processing (objection pursuant to Art. 21 (1) DSGVO). This objection must include an explanation of the particular situation on the basis of which further processing is unreasonable for you. The objection will be carefully reviewed and the data will be blocked for the duration of the review.
You have the right to object to the use of your personal data for advertising purposes at any time with effect for the future, without incurring any costs other than the transmission costs according to the basic rates (the usual costs of your Internet or telephone connection) (advertising objection pursuant to Art. 21 (2) DSGVO).
You have the right to have data blocked if, for example, the accuracy of the data could not be established or you have lodged an objection and the examination has not yet been completed (restriction of processing pursuant to Art. 18 DSGVO).
You have the right to receive data that you have provided to us and that is processed by us automatically in a common, machine-readable format (data portability pursuant to Art. 20 DSGVO).
How and where can the rights be exercised?
We have defined processes within our company so that you can exercise your rights with us. You have a right to,
Revoke your consent.
To receive information about your data stored by us.
to have incorrect data about you corrected by us.
that data about you which is no longer required is deleted by us.
that under certain conditions the processing of your data is restricted.This may be the case, for example, if deletion is not possible, but the data may not be processed further.
That your data is transferable. This right applies in particular if you have given your consent to the processing of your data or if the processing of the data is necessary to fulfill a contract. The right to data portability does not exist insofar as your data is processed within the scope of the statutory performance of duties.
To complain to a supervisory authority. If you believe that the processing of your data violates legal requirements, you can complain to the supervisory authority. Contact details can be found at the end of this privacy policy.
Contact details
MMSystem Service
Neukuchhausen 42
42349 Wuppertal
If you have any questions or suggestions regarding our privacy policy, please send us an e-mail using the subject line "Privacy eDSBonline" to the following address:
dsb[@]edsbonline.eu
We would like to inform you that in certain cases we may request additional information from you in order to establish your identity. For example, in exercising the right to information, we can ensure that information is not released to unauthorized persons.
Right to object
You can object to the use, processing and transfer of your data at any time by sending us a written notice and revoking your consent. We will delete any personal data stored by us after receiving your revocation! If legal regulations prevent deletion, we will block your data and no longer use it.
Information
Upon request and within the statutory one-month period, we will inform you about the type of data stored about you, the purpose of storage and possible recipients or types of recipients. Upon written request and within the statutory one-month period, we will also correct, delete and/or block personal information for further processing if this information proves to be factually incorrect, incomplete or irrelevant for processing.
You can contact us at any time using the contact details in the imprint or the e-mail address if you have any questions or suggestions regarding our data protection policy. Likewise, you can ask at any time what personal data is stored about you and have it corrected or deleted accordingly.
The responsible supervisory authority is
Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
P.O. Box 20 04 44
40102 Düsseldorf
https://www.ldi.nrw.de
Phone: 0211/38424-0
Fax: 0211/38424-10