DATA PROTECTION

Protecting your privacy is very important to us. The legal standards require comprehensive transparency regarding the processing of personal data. Only if the processing is comprehensible to you as the data subject, you are sufficiently informed about the meaning, purpose and scope of the data processing. Below we therefore inform you in detail about the way your data is handled when using this website and your rights regarding your personal data.

Should you have any further questions regarding data protection, please do not hesitate to contact us by e-mail at office@mhm.com.de.

1. Controller

Responsible for the processing of your personal data within the meaning of Art. 4 (7) of the General Data Protection Regulation (GDPR) is:

MHM GROUP GmbH
Managing Director Marcus Höfl
Schwarzseestr. 14
A-6370 Kitzbühel
Austria

2. General Information on Data Processing

We process personal data only to the extent permitted by law. Personal data will only be disclosed in the cases described below. Personal data will be deleted or protected by technical measures (e.g. anonymisation) as soon as the purpose of processing ceases to apply. This also applies when a prescribed storage period expires, unless there is a need for further storage of personal data for another storage purpose. Unless we are legally obliged to store or disclose your personal data to third parties (in particular law enforcement authorities), the decision which personal data we process depends on which functions of the website you use in individual cases.

Please note that links on our website may take you to other websites which are not operated by us but by third parties. Such links are either clearly marked by us or are recognizable by a change in the address line of your browser. We are not responsible for compliance with data protection regulations and safe handling of your personal data on these websites operated by third parties.

3. Processing during the use of the website

When you visit our website, the browser on your device automatically sends information to the server on our website. This information is temporarily stored in a so-called log file. The following information is recorded and stored until it is automatically deleted:

  • shortened by the last octet IP address of the requesting computer,
  • date and time of access,
  • the name and URL of the retrieved file,
  • the website from which access is made (referrer URL),
  • the browser used and, if applicable, the operating system of your computer as well as
  • the name of your access provider.

The mentioned data will be processed by us for the following purposes: 

  • Ensuring smooth connection of the website,
  • ensuring comfortable use of our website,
  • checking and guaranteeing system security and stability as well as
  • for other administrative purposes.

The legal basis for data processing is Art. 6 (1) (1) (f) GDPR. Our legitimate interest follows from the aforementioned purposes of data collection. Under no circumstances do we use the data collected for the purpose of drawing conclusions about your person. We delete this data after three months. We do not combine this personal data with other data sources. Disclosure only takes place if it is necessary for the operation of our website, e.g. by storing it with our host provider. A transfer to a third country or to an international organisation is not intended.

4. Processing by using individual services via our website

Various services are available on our website, where we collect personal data from you if you decide to use them.

a) Contact form / Contact us by e-mail

If you use the contact form on our website or send us an e-mail, we will process the personal data you provide. This information is transmitted by your browser or e-mail client and processed in our IT systems. The processing of this personal data is necessary to answer your request. In addition, your IP address and the date and time of the contact request will be stored.

The processing of your personal data serves to answer your request and to prevent abuse of the contact form and to guarantee the security of our IT systems. These processing operations are lawful because the reply to your request and the protection of our IT systems represent legitimate interests within the meaning of Art. 6 (1) (1) (f) GDPR. If a contract is concluded after you have contacted us, the processing is also legal pursuant to Art. 6 (1) (1) (b) GDPR.

The personal data will be processed as long as necessary to respond to your request. Should your request lead to a later conclusion of the contract, processing will take place as long as this is necessary to carry out pre-contractual measures or to fulfil the contract. We do not merge your personal data with other data sources. Your personal data will not be disclosed to third parties. A transfer to a third country or to an international organisation is not intended. You are not obliged to provide your personal data, but it is not possible to use the contact form or send an e-mail without providing it.

b) Newsletter

If you have explicitly given your consent according to Art. 6 (1) (1) (a) GDPR, we will use your e-mail address to send you our newsletter on a regular basis. To receive the newsletter it is sufficient to provide an e-mail address.

You can unsubscribe at any time, for example via a link at the end of each newsletter. Alternatively, you are welcome to send us your un-subscription request at any time using the above contact details, by e-mail, fax or post.

5. Data Transmission

Your personal data will not be transmitted to third parties for purposes other than those listed below. We will only pass on your personal data to third parties if:

a) you have given your explicit consent pursuant to Art. 6 (1) (1) (a) GDPR,

b) the disclosure pursuant to Art. 6 (1) (1) (f) GDPR is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding interest worthy of protection not disclosing your data,

c) in the event that a legal obligation exists for the transfer pursuant to Art. 6 (1) (1) (c) GDPR,

d) this is legally permissible and required by Art. 6 (1) (1) (b) GDPR for the processing of contractual relationships with you, or

e) this is done to a service provider acting on our behalf and on our exclusive instructions, whom we have carefully selected (Art. 28 (1) GDPR) and with whom we have concluded a corresponding contract for order processing (Art. 28 (3) GDPR), which obliges our contractor, among other things, to implement appropriate safety measures and grants us comprehensive control powers.

Transmission to the service providers referred to in point (e) for the purpose of order processing shall take place in the following areas: technical provision and programming of the website, user communication, provision of software as a service.

6. Cookies

We use Cookies on our website. They are small text files your browser automatically creates while visiting our website and are stored on your device (laptop, tablet, smartphone, etc.). Cookies don’t damage your device, don’t contain viruses, Trojans or other malware. Information is stored in the Cookie which arises in each case in connection with the specific used device. However, this does not mean that we immediately become aware of your identity. The use of Cookies serves on the one hand to make the use of our offer more comfortable and functional for you. For example, we use so-called session Cookies to recognize that you have already visited individual pages of our website. These will be deleted automatically after leaving our site. In addition, we also use temporary Cookies that are stored on your device for a period of 90 days to optimize user-friendliness. If you visit our website again to use our services, it will automatically recognize that you have already been with us and what entries and settings you have made so that you do not have to enter them again. We use these Cookies in accordance with art. 6 (1) (1) (b) GDPR in order to make our website available to you in an appropriate manner.

On the other hand, we use Cookies to statistically record the use of our website and to optimize our offer for you (see no. 7), in order to further develop our offer and particularly our website. In this respect, the processing of these Cookies is in our legitimate interest covered by Art. 6 (1) (1) (f) GDPR. They enable us to automatically recognize when you return to our site that you have already been with us. These cookies are automatically deleted after a defined period of time.

Most browsers automatically accept Cookies. However, you can configure your browser so that no Cookies are stored on your computer or a message always appears before a new Cookie is created. The complete deactivation of Cookies can lead to the fact that you cannot use all functions of our website. The following links provide information on this option for the most frequently used browsers:

7. Webanalytics

We use a number of web analysis services which use Cookies to statistically record the use of our website, to evaluate them for the purpose of optimising our offer for you and to further develop our offer and in particular our website. In this respect, the processing of these cookies is in our legitimate interest covered by Art. 6 (1) (1) (f) GDPR.

a) Google Analytics

For the purpose of demand-oriented design and continuous optimization of our website, we use Google Analytics, a web analysis service provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter "Google"). In this context, pseudonymised user profiles are created and Cookies are used (see No. 6). The information generated by the Cookie about your use of this website such as

  • Browser type/version,
  • operating system used,
  • referrer URL (the previously visited page),
  • host name of the accessing computer (IP address) and
  • time of the server request

are transferred from your browser to a Google server in the USA and stored on Google servers. The pseudonymized user profiles are deleted after 14 months. The information is used to evaluate the use of the website, to compile reports on the website activities and to provide further services associated with the use of the website and the Internet for the purposes of market research and demand-oriented design of these websites. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of the company. Under no circumstances will your IP address be merged with other data from Google. The IP addresses are anonymized so that an assignment is not possible (IP masking). You can prevent the installation of cookies by setting your browser software accordingly (DO-NOT-TRACK).

You can also prevent the collection of data generated by the Cookie and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on. For more information about privacy in connection with Google Analytics, please visit the Google Analytics Help Center.

8. Integration of social networks

On the basis of Art. 6 (1) (1) (f) GDPR we use the social networks Facebook, Twitter, Instagram and Youtube in order to make our website better known and to interact with our target groups. Responsibility for the data protection-compliant operation of these services is guaranteed by the respective provider. We integrate these services exclusively via a link so that visitors to our website have the best possible control over their personal data.

These social networks are operated exclusively by third parties, some of whom have their register office outside the E.U. or the EEA - there may therefore be no adequate level of data protection in accordance with the GDPR. The browser plug-ins and links on our website are identified by logos or other references. When you visit our website, which contains such a browser plug-in, a connection is automatically established between your device (browser) and the servers of the respective social network. This forwards the information that you have visited our website to the social network. If you are logged in to the social network via your personal user account or during your visit to our website, your visit to our website will be assigned to your account. By interacting with browser plug-ins or links, e.g. by pressing a "like" button or leaving a comment, this information is transmitted to the respective social network and stored there. The allocation of the data to your account can therefore be prevented on the one hand by logging out of your account (of the respective social network) before visiting our website. On the other hand, you can also completely prevent the loading of the respective plug-ins with an add-on for your browser, e.g. with the script blocker "NoScript".

The purpose and scope of data collection through social networks as well as the further processing and use of your data and your rights and setting options for the protection of your privacy can be found in the respective data protection information of the operators:

Facebook: https://www.facebook.com/policy.php
Provider: Facebook Inc., 1601 Willow Road, Nelo Park, CA 94025, USA

Twitter: https://twitter.com/privacy?lang=de
Provider: Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA

Instagram: https://help.instagram.com/478745558852511
Provider: Instagram LLC, 1601 Willow Rd, Menlo Park CA, 94025 USA

YouTube: https://policies.google.com/privacy?hl=de
Provider: Google Inc., Amphitheater Parkway, Mountain View, CA 94043, USA.

9. Rights of data subjects and right of appeal

As a data subject of a processing of personal data you have the right,

a) to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you may request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of a right of appeal, the origin of your data, if these have not been collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information on their details;

b) to immediately request the correction of incorrect or complete personal data stored by us in accordance with Art. 16 GDPR;

c) to request the deletion of your personal data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;

d) pursuant to Art. 18 GDPR, to restrict the processing of your personal data if you dispute the accuracy of the data, if the processing is unlawful but you refuse to delete the data and we no longer need the data, but if you need it to assert, exercise or defend legal claims or if you have filed an objection to the processing pursuant to Art. 21 GDPR;

e) to receive your personal data, which you have provided to us, in a structured, current and machine-readable format in accordance with Art. 20 GDPR or to request its transfer to another person responsible; and

f) to complain to a supervisory authority pursuant to Art. 77 GDPR. You can contact the supervisory authority of your usual place of residence or workplace or our head office. The supervisory authority responsible for our registered office is the Austrian Data Protection Authority, Hohenstaufengasse 31010 Vienna, Phone: +43 1 531 15 / 202525, Fax: +43 1 531 15 / 202690, E-Mail: dsb@dsb.gv.at.

With the exception of the right of appeal to the supervisory authority, it is sufficient to send an e-mail to office@mhm.com.de.

10. Right of revocation in case of processing after consent

If your personal data are processed on the basis of consent pursuant to Art. 6 (1) (1) (a) GDPR (e.g. newsletter dispatch), you have the right to revoke your consent at any time without stating reasons. As a result, we are no longer allowed to continue processing data based on this consent in the future. The revocation of your consent does not affect the legality of the processing carried out on the basis of the consent until revocation.

If you wish to exercise your right of revocation, simply send an e-mail to office@mhm.com.de.

11. Right to object

If your personal data are processed on the basis of legitimate interests pursuant to Art. 6 (1) (1) (f) GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that there are reasons for this arising from your particular situation. If your objection is directed against direct advertising, you have a general right of objection; a justification is not required in these cases.

If you wish to exercise your right of objection, simply send an e-mail to office@mhm.com.de.

12. Data Security

We use the most common SSL (Secure Socket Layer) method in connection with the highest level of encryption supported by your browser. Usually this is a 256 bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. Whether a single page of our website is transmitted in encrypted form is indicated by the closed display of the key or lock symbol in the lower status bar of your browser.

We also use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. We continually adapt our security measures in line with technological developments.

13. Current version and Changes of Privacy Policy

This Privacy Policy is effective as of June 2018 and may need to be amended as our websites, apps and offerings evolve or as a result of changes in legal or regulatory requirements. You can call up and print out the current data protection declaration at https://mhm.com.de/Datenschutz at any time.

Version: June 2018