Last updated: 01 October 2018
Our Web Site is only directed to adult users. We therefore request individuals under the age of 18 not to provide Personal Data through the Web Site.
I. Name and address of the controller
The controller within the meaning of the EU General Data Protection Regulation (GDPR) and other national data protection laws of EU member states as well as other data protection provisions is:
MAUSER Corporate GmbH
50321 Bruehl, Germany
Telefax: +49 - 2232 - 78 - 1000
MAUSER Corporate GmbH is represented by: Michael Steubing, Bjoern Kreiter, Dr. Gerhard Obernosterer, Tom de Weerdt.
II. Name and address of the data protection officer
The data protection officer of the controller is:
data protection officer
Mauser Corporate GmbH
50321 Brühl, Germany
Telephone: +49(0)2232 78 1332
Fax: +49 (0)2232 78 1270
III. General information about data processing
1. Extent of the processing of personal data
What is personal data?
Personal data are personal and factual information that directly or indirectly reveal your identity or can be used to identify or contact you (hereinafter "Personal Data"). Examples of such Personal Data include your name, address, email address, IP address, telephone number, date of birth. We collect such Personal Data when you complete our contact form, contact us via the email address provided.
You are not obligated to provide Personal Data to us in order to use the Web Site. However, if you do not provide Personal Data, you may not be able to visit all of the areas of the Web Site and may not be able to use all of our online services. In addition, we may not be able to offer you services that build on Personal Data or require us to contact you personally; in particular, we may not be able to provide a homepage that is tailored to your individual needs.
When you visit our Web Site, we collect statistically relevant information pertaining to the use of the Web Site. We process and use data for statistical purposes separately from your other Personal Data. These data can therefore not be used to identify or contact you. Such data include, for example, demographic information (age, profession, or gender) and other information about you as an individual or metrics related to the use of the Web Site ("Anonymous Data"). We use Anonymous Data to obtain an overview of the users of the Web Site as well as to improve the Web Site.
No Collection of Special Categories of Personal Data:
We do not collect particularly sensitive categories of data about you as an individual, such as health data, genetic or biometric data, your ethnic background, religious or political convictions, or details about your sexual life, via the Web Site.
2. Legal basis for the processing of personal data
Where we obtain the consent of the data subject for the processing of Personal Data, Article 6(1)(a) GDPR in conjunction with Art. 7 GDPR/§ 51 BDSG serves as the legal basis for the processing of Personal Data. For the processing of Personal Data necessary for the performance of a contract to which the data subject is a party, Article 6(1)(b) GDPR serves as legal basis. This also applies to processing operations required to carry out pre-contractual actions. Where processing of Personal Data is required to fulfil a legal obligation to which our company is subject, Article 6(1)(c) GDPR serves as legal basis. In the event that the vital interests of the data subject or of another natural person require the processing of Personal Data, Article 6(1)(d) GDPR serves as legal basis. If the processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, where such interests are not overridden by the interests or fundamental rights and freedoms of the data subject, then Article 6(1)(f) GDPR serves as the legal basis for processing.
For information on the legal basis under Brazilian data protection law, please refer to Section X below.
3. Data deletion and storage
IV. Provision of the Web Site and creation of log files
1. Description and scope of data processing
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- IP address
- operating system
- referrer URL
- hostname of the accessing computer
- date and time of the server request
- location data
2. Purpose of data processing
The temporary storage of the IP address by the system is necessary to provide the Web Site to the user's computer. For this purpose, the IP address of the user must be stored for the duration of the use of the Web Site. Storage in log files is carried out to ensure website functionality. In addition, the data is used to optimize the Web Site and to ensure the security of our information technology systems. No evaluation of the data for marketing purposes takes place in this regard.
Our legitimate interest in the processing of data pursuant to Article 6(1)(f) GDPR exists in connection with these purposes.
3. Duration of storage
The data will be deleted as soon as it is no longer required for the purpose for which it was collected. Where the data was collected to provide the Web Site, it will be deleted once the respective session has ended.
Where the data is stored in log files, it will be deleted after seven days at the latest, unless we are legally obligated to retain your Personal Data (e.g., due to statutory retention obligations). Anonymized Data may be stored for a longer period. In that case, the IP addresses of the users are deleted or altered, so that a reference can no longer be made to the calling client.
4. Opposition and removal option
The collection of data for the provision of the Web Site and the storage of the data in log files for the duration of the visit of the Web Site are essential for the operation of the Web Site. Consequently, the user has no opposition possibility. If you do not want your data to be collected in log files, please refrain from using our Web Site.
VI. Contact form and e-mail contact
1. Description and scope of data processing
Our Web Site contains a contact form that can be used for electronic contact. If a user exercises this option, the data, including Personal Data, entered in the input mask will be transmitted to us and saved for the purpose of processing your inquiry and contacting you. This data is:
- Name (first name, last name)
- Postal code
- Street and street no.
- State – US Only
- House number
- Phone number
- Email address
- Personal Data that may be contained in the subject
- Personal Data that may be contained in the message
- Personal Data that may be contained in the request for a quote
Alternatively, contact may be made via the e-mail address provided. In that case, the user's Personal Data transmitted by email will be stored.
In this context, no Personal Data is disclosed to third parties. Your Personal Data is used exclusively for processing the conversation.
2. Legal basis for data processing
The legal basis for the processing of the data, where the user has granted his/her consent, is Article 6(1)(a) GDPR.
The legal basis for the processing of the data transmitted in connection with the sending of an e-mail is Article 6(1)(f) GDPR. If the e-mail contact is made with a view to concluding a contract, then Article 6(1)(b) GDPR constitutes an additional legal basis for the processing.
3. Purpose of data processing
The Personal Data from the input mask is processed solely to allow us to process the contact and answer your request. In the case of contact via email, there must be a legitimate interest in the processing of the data. The Web Site will only collect form data to fulfill your request to be contacted by MPS, whether this is a general contact, sales contact, investor contact, product order request, or recycling pickup request.
Other Personal Data processed during the sending process serves to prevent misuse of the contact form and to ensure the security of our information technology systems.
4. Duration of storage
The Personal Data will be deleted as soon as it is no longer required for the purpose for which it was collected. This is the case for the Personal Data from the input mask of the contact form and the data sent by e-mail, when the conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the relevant facts have been conclusively clarified.
Any additional Personal Data collected during the sending process will be deleted after a period of seven days at the latest.
However, if we are legally obligated to retain your Personal Data (e.g., due to statutory retention obligations), we will designate them accordingly to exclude the possibility of any further processing that is not related to the purpose of the retention obligation.
5. Opposition and removal option
Users may revoke their consent to the processing of Personal Data at any time. If users contact us by e-mail, they may object to the storage of their Personal Data at any time. In such a case, the conversation cannot continue. All Personal Data stored during contact will be deleted in that case, unless we are legally obligated to retain your Personal Data (see above). For a detailed summary of your rights with regard to your Personal Data, please see below.
VII. Job application
For information concerning the handling of applicant data, please refer to our recruiting guidelines.
VIII. Transfer to third parties
1. Affiliated Companies
2. Statutory Obligations
3. Independent Contractors
We also commission independent contractors to provide certain services for our company in general (auditors, consultants, insurers, administrators, etc.) and in connection with the Web Site in particular (programmers, analysts, security services, etc.). Oftentimes, it is necessary to grant these independent contractors limited access to the information collected via the Web Site; this may also include your Personal Data. However, in accordance with the relevant provisions of applicable data protection legislation, we will limit the access of these independent contractors to the absolute minimum that is necessary to enable them to fulfill their contractual duties.
In particular, independent contractors are prohibited from disclosing or transferring your Personal Data, unless this is unavoidable in performing the contractual services that are owed to us.
4. Corporate events
We may further transfer your Personal Data to third parties in connection with a corporate event affecting MPS or one of our affiliates, e.g. the sale of assets or shares or a merger of one of our group companies, where this is necessary for the preparation or transaction of the corporate event.
IX. Data security
However, please note that, despite these security measures, the transmission of data via the Internet always entails a certain amount of risk. We cannot exclude the possibility that third parties will find a way to bypass our security measures. If you notice any indications of a possible security breach, please inform us immediately.
X. Your rights
You have the following rights with respect to your personal data.
1. Right to information
2. Right to rectification, erasure and blocking
3. Right to restriction of processing
4. Right to object to processing
5. Right to access and data portability
We make every effort to respect your wishes concerning your data privacy. If, nonetheless, we have not responded to a request to your satisfaction, you have the right to submit a complaint about our processing of your Personal Data to a data protection supervisory authority.
You also have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of any consent-based processing that took place prior to the withdrawal.
1. Right to information
You can contact us at any time to find out which of your Personal Data we have stored. Aside from your stored Personal Data, this includes information concerning the origin of these Personal Data. You can also request information regarding the recipients or categories of recipients to which your Personal Data have been transferred and the purpose for which the data have been stored by us. Upon request, we will also clarify how long your data will be stored by us and/or the criteria by which we determine the storage period.
You must provide a specific description of the type of Personal Data for which you would like to obtain the information mentioned above. We will deliver this information to you in writing unless another form of communication would be appropriate. If requested, we will also create a copy of your Personal Data for you. This information is provided free of charge.
You are not entitled to the provision of information when the confidentiality of the Personal Data must be maintained according to a legal regulation or due to the nature of the data, specifically due to the prevailing legal interest of a third party.
2. Right to rectification, erasure and blocking
You can contact us at any time to:
• update, supplement, or correct your Personal Data, and
• request that we block or delete the Personal Data that we have stored in relation to you or that we order such data to be blocked or deleted, in accordance with applicable data protection legislation.
To do so, please submit a request at the following email address: email@example.com or use the contact information provided above. However, any updated, supplemented, or corrected information will only have effect for the future.
3. Right to restriction and opposition of processing
You can further contact us at any time to change the settings you have selected with respect to notifications and other information you receive from us or limit the processing of your data in accordance with applicable data protection legislation.
To do so, please submit a request at the following email address: firstname.lastname@example.org or use the contact information provided above. However, any change or restriction relating to your settings will only have effect for the future.
4. Right to object to processing
If you want to oppose a processing of your data, please also submit a request at the following email address: email@example.com or use the contact information provided above. However, any objection will only have effect for the future.
5. Right to access and data portability
You can request access to your data that is being stored by us or by a third party on our behalf at any time. Furthermore, you have the right to obtain the Personal Data you have provided to us with your consent, in an organized, machine-readable, and conventional format, and to transfer this data to a third party.
You are not entitled to the transfer of data if such a transfer would negatively affect the rights and liberties of other persons or the public interest.
XI. Special provisions in the European Union
If you are in the European Union or your Personal Data is processed by an MPS establishment within the European Union, we will further comply with the European General Data Protection Regulation (GDPR) and national data protection laws of the member states implementing the GDPR (together the "Data Protection Law").
All of our servers are located in the USA. However, we may also transfer your data (including your Personal Data) to servers or third party service providers in countries outside of the European Union (EU) and process your data there. Please note that it is possible that not all of these countries have a level of data protection comparable to that of the EU (e.g., the USA). In such a case, we will implement appropriate measures and reach appropriate contractual agreements with these third parties to protect your interests in accordance with Data Protection Law.
XII. Special provisions under Californian Privacy Law
If you are a California resident, you may have certain additional rights. California Civil Code Section 1798.83 may permit you to request information regarding the disclosure of your Personal Information by MPS to third parties for the third parties’ direct marketing purposes. California Business and Professions Code Section 22581 permits registered users who are minors to request and obtain deletion of certain posted content. For additional information or to make a request, please contact firstname.lastname@example.org.
XIII. Special provisions in Brazil
For users that are residents in Brazil, the following additional provisions shall apply:
1. General provisions
Processing of Personal Data of persons located in Brazil or data that is collected in Brazil is subject to the recently enacted Law No. 13,709 of August 14, 218 that provides for the protection of personal data (the "Brazilian Privacy Law", LGPD).
2. Additional rights
In addition to your rights set out in Section VIII above, you have the right to demand confirmation of the existence of the processing. Access to your data will be provided to you upon your choice either in a simplified printed or safe and discrete electronic form or by means of a clear and complete declaration that indicates the origin of the data, the nonexistence of record, the criteria used and the purpose of the processing, subject to commercial and industrial secrecy, within a period of fifteen days as from the date of your request. To request confirmation or access to your data, please submit a request at the following email address: email@example.com or use the contact information provided above and indicate in which form you want to receive the requested information.
You further have the right to request anonymization of unnecessary or excessive data or data processed in non-compliance with the provisions of the LGPD, unless we are legally obligated to retain your Personal Data (see Art. 16 LGPD). To do so, please submit a request at the following email address: firstname.lastname@example.org use the contact information provided above.
In case of a fully automated processing of Personal Data you have the right to demand review by a natural person, if the automatic decision affects your interests. We will therefore provide clear and adequate criteria and procedures used for the automated decision, subject to commercial and industrial secrecy.
3. Data security
We use technical and administrative measures to protect your Personal Data from unauthorized accesses and accidental or unlawful destruction, loss, alteration, communication or dissemination as well as to prevent the occurrence of damages due to the processing of personal data. Please be aware that, despite our efforts, no security measures are perfect or impenetrable. If nevertheless a security incident occurs, we will inform you in accordance with applicable law.