I. Name and address of controller
The controller as defined by the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:
MPC Münchmeyer Petersen Capital AG
Tel.: +49 (0)40 3 80 22 - 4200
II. Name and address of data protection officer
The data protection officer of the controller is:
CMS Hasche Sigle Partnerschaft von Rechtsanwälten und Steuerberatern mbB
Julia Dönch, M.A.
Phone: +49 711 9764 204
III. General information on data processing
1. Scope of personal data processing
As a rule, we collect and utilise our users' personal data only if this is required to provide a functional website as well as our content and services. Personal data of our users are regularly gathered and used only on a statutory basis. One exception applies in cases in which there is no apparent statutory basis and processing of the data can only be legitimised by means of consent.
2. Legal basis for processing of personal data
If we obtain consent for processing of personal data from the data subject, point (a) of Article 6 (1) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
In the event of processing of personal data that is required for fulfilment of a contract to which the data subject is party, point (b) of Article 6 (1) GDPR serves as the legal basis. This also applies to processing measures that are required in order to perform pre-contractual actions.
If processing of personal data is required in order to fulfil a legal obligation that is incumbent upon our company, point (c) of Article 6 (1) GDPR serves as the legal basis.
In the event that vital interests of the data subject or of another natural person necessitate the processing of personal data, point (d) of Article 6 (1) GDPR serves as the legal basis.
If processing is required in order to uphold a legitimate interest of our company or of a third party and the interests, fundamental rights and freedoms of the data subject do not override the former interest, point (f) of Article 6 (1) GDPR serves as the legal basis for processing.
3. Erasure of data and period stored
The personal data of the data subject are erased or blocked as soon as the purpose of storage ceases to apply. Storage can additionally be carried out if the European or national legislature has made provisions for this in Union regulations, acts or other rules to which the controller is subject. Blocking or erasure of the data is also carried out if a storage period specified by the aforementioned standards expires, unless it is necessary to continue storing the data in order to conclude or fulfil a contract.
IV. Provision of the website and creation of log files
1. Description and scope of data processing
Each time our website is accessed, our system automatically records data and information from the computer system of the accessing computer.
The following data are gathered here:
Information on the browser type and the version used
(1) The user's operating system
(2) The user's IP address
(3) The data and time of access
(4) Websites from which the user's system reaches our website
(5) Websites that are accessed by the user's system via our website
The data are also stored in the log files of our system. These data are not stored together with other personal data of the user.
2. Legal basis for data processing
The legal basis for temporary storage of the data and log files is point (f) of Article 6 (1) GDPR.
3. Purpose of data processing
Temporary storage of the IP address by the system is necessary in order to enable delivery of the website to the user's computer. To this end, the user's IP address must be stored for the duration of the session.
Storage in log files is carried out in order to ensure that the website works properly. In addition, we use the data to help us optimise the website and to ensure the security of our IT systems. No evaluation of the data for marketing purposes is performed in connection with this.
These purposes also account for our legitimate interest in data processing as per point (f) of Article 6 (1) GDPR.
4. Period saved
The data are erased as soon as they are no longer needed to fulfil the purpose for which they were gathered. In the event of data recording for provision of the website, this is the case when the respective session is ended.
In the event of data storage in log files, this is the case after no more than 365 days.
IP addresses are fully logged for a maximum of 24 hours. Thereafter, anonymisation is performed by erasing the last octet so that it is no longer possible to associate with the accessing client.
5. Option of objection and rectification
Data recording to provide the website and storage of data in log files are absolutely essential to operation of the website. Consequently, there is no possibility of objection on the part of the user.
1. Description and scope of data processing
The following data are stored and transmitted in the cookies:
- Language settings
- Login information
2. Legal basis for data processing
The legal basis for processing of personal data with the use of technically essential cookies is point (f) of Article 6 (1) GDPR.
3. Purpose of data processing
We need cookies for the following applications:
- Savings of language settings
- Session management
The user data gathered by means of technically essential cookies are not used to create user profiles.
4. Duration of storage, option of objection and rectification
If you prevent your browser from accepting cookies, this means that you will not be able to us all functions of webiste.
VI. Google Analystics
Diese Website benutzt Google Analytics, einen Webanalysedienst von Google, betrieben von der Google Inc.,1600 Amphitheatre Parkway, Mountain View, CA 94043, USA („Google“) und erhebt und speichert über diesen Webanalysedienst Daten, aus denen unter Verwendung von Pseudonymen Nutzungsprofile erstellt werden. Die so erstellten Nutzungsprofile dienen der Auswertung des Besucherverhaltens um das auf dieser Website dargestellte Angebot bedarfsgerecht zu gestalten und zu verbessern. Google Analytics verwendet sog. „Cookies“, kleine Textdateien, die auf Ihrem Computer gespeichert werden und die eine Analyse der Benutzung der Website durch Sie ermöglichen. Die durch den Cookie erzeugten Informationen über Ihre Benutzung dieser Website werden in der Regel an einen Server von Google in den USA übertragen und dort gespeichert. Im Falle der Aktivierung der IP-Anonymisierung auf dieser Webseite, wird Ihre IP-Adresse von Google jedoch innerhalb von Mitgliedstaaten der Europäischen Union oder in anderen Vertragsstaaten des Abkommens über den Europäischen Wirtschaftsraum zuvor gekürzt. Nur in Ausnahmefällen wird die volle IP-Adresse an einen Server von Google in den USA übertragen und dort gekürzt. Im Auftrag des Betreibers dieser Website wird Google diese Informationen benutzen, um Ihre Nutzung der Website auszuwerten, um Reports über die Websiteaktivitäten zusammenzustellen und um weitere mit der Websitenutzung und der Internetnutzung verbundene Dienstleistungen gegenüber dem Websitebetreiber zu erbringen.
Die im Rahmen von Google Analytics von Ihrem Browser übermittelte IP-Adresse wird nicht mit anderen Daten von Google zusammengeführt. Auch die unter einem Pseudonym geführten Nutzungsprofile werden ohne ausdrückliche und gesondert erklärte Einwilligung des Nutzers nicht mit den personenbezogenen Daten über den Nutzer zusammengeführt. Sie können die Speicherung der Cookies durch eine entsprechende Einstellung Ihrer Browser-Software verhindern; wir weisen Sie jedoch darauf hin, dass Sie in diesem Fall gegebenenfalls nicht sämtliche Funktionen dieser Website vollumfänglich werden nutzen können. Sie können darüber hinaus die Erfassung der durch das Cookie erzeugten und auf Ihre Nutzung der Website bezogenen Daten (inkl. Ihrer IP-Adresse) an Google sowie die Verarbeitung dieser Daten durch Google verhindern, indem sie das unter dem folgenden Link (http://tools.google.com/dlpage/gaoptout?hl=de) verfügbare Browser-Plugin herunterladen und installieren.
Die von uns gesendeten Daten werden nach 26 Monaten automatisch gelöscht. Die Löschung von Daten, deren Aufbewahrungsdauer erreicht ist, erfolgt automatisch einmal im Monat.
Die Datenschutzhinweise von Google können Sie auf http://www.google.de/intl/de/policies/privacy/ einsehen. Nähere Informationen zu Nutzungsbedingungen und Datenschutz finden Sie unter http://www.google.com/analytics/terms/de.html bzw. unter http://www.google.com/intl/de/analytics/privacyoverview.html.
Wir weisen Sie darauf hin, dass auf dieser Webseite Google Analytics um den Code „anonymizeIp“ erweitert wurde, um eine anonymisierte Erfassung von IP-Adressen (sog. IP-Masking) zu gewährleisten.
VII. Social media and plug-ins
This website uses social plug-ins from the following companies:
Social plug-ins from YouTube are used on this website. These are provided by the US company Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”)).
When you visit a page that has a plug-in of this kind, your browser establishes a connection to YouTube and Google and the content is loaded from these pages. Your visit to this website may therefore be tracked by Facebook/YouTube and Google even if you do not actively use the function of the social plug-in. If you have a Facebook or Google account, you can use a social plug-in of this kind and thus share information with your friends. Staytoo has no influence on the content of the plug-ins or transmission of information.
Facebook/YouTube and Google provide detailed information on the scope, nature, purpose and further processing of your data on their websites. You will also find further information on your rights and configuration options to protect your privacy.
Google privacy information: https://policies.google.com/privacy?hlI
We use components of the XING.com network on our site. These components are a service provided by XING AG, Dammtorstrasse 29-32, 20354 Hamburg, Germany.
Each time you visit our website, which integrates such a component, this component causes the browser you are using to download a corresponding representation of the component from XING.
VIII. Rights of the data subject
You have the right:
- pursuant to Article 15 GDPR to request information on your personal data that is processed by us. In particular, you may request information on the purposes of the processing, on the categories of personal data, on the categories of recipients to whom your personal data have been or will be disclosed, on the envisaged period stored, on the existence of the right to request rectification, erasure, restriction of processing or to object, on the existence of the right to lodge a complaint, on the source of your data if they are not collected by us and on the existence of automated decision-making, including profiling and any meaningful information about the particulars thereof;
- pursuant to Article 16 GDPR to request prompt rectification of inaccurate personal data or completion of your personal data that is stored by us;
- pursuant to Article 17 GDPR to request the erasure of your personal data that are stored by us, provided that processing is not required for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
- pursuant to Article 18 GDPR to request the restriction of processing of your personal data, if you contest the accuracy of the data, if the processing is unlawful but you oppose its erasure and we no longer need the data but you require them for the establishment, exercise or defence of legal claims or if you have objected to processing pursuant to Article 21 GDPR;
- pursuant to Article 20 GDPR to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request transmission to another controller;
- pursuant to Article 7 (3) GDPR to withdraw the consent you have already granted us at any time. The result of this will be that we are no longer permitted to continue the data processing that was based on this consent in future and
- pursuant to Article 77 GDPR to lodge a complaint with a supervisory authority. To do so, you may generally contact the supervisory authority of your habitual residence or place of work or our company headquarters.
Right to object (to advertising)
Provided that your personal data are processed based on the legitimate interests under point (f) of Article 6 (1) GDPR, you have the right pursuant to Article 21 GDPR to object to the processing of your personal data to the extent that there are grounds for this relating to your particular situation or if the objection is to direct marketing. In the latter case, you have a general right to object that will be enforced by us without specifying a particular situation.
If you would like to assert your right to withdraw or object, it is sufficient to send an email to firstname.lastname@example.org.
Changes to data protection standards
If any change to these data protection standards become necessary in future, you will always be able to find the latest version here.