Privacy Policy

Privacy Policy

Table of contents

  1. Information about us (Section 1)
  2. Information on data processing (Sections 2 – 9)
  3. Cookies (Sections 10 – 11)
  4. Social media, embedded functions and content (Sections 12 – 17)
  5. Your rights as a user / data subject (Sections 18 – 21)

  1. Name and contact details of those responsible for processing, contact details of the data protection officer 
  2. Data processing with regard to website visits
  3. Data processing with regard to job applications
  4. Data processing with regard to contact by post
  5. Data processing with regard to contact by telephone
  6. Data processing with regard to surveys
  7. Data processing with regard to customer relationship management/CRM
  8. Legal basis for the processing of personal data
  9. Transmission of data
  10. Cookies
  11. Cookiebot
  12. LinkedIn
  13. Facebook
  14. Instagram
  15. Social media links via graphics or text links
  16. Analysis and tracking tools
  17. Data security 
  18. Data subject rights
  19. Right to object
  20. Regulatory authority for data protection
  21. Validity and changes to this privacy policy

A. Information about us 

1. Name and contact details of those responsible for processing
This privacy policy applies to data processing by those responsible:
mc markt-consult Institut für Strukturforschung und Marketingberatung GmbH
Sachsenstr. 8, Haus B, 20097 Hamburg, Germany 

Email: info(at)markt-consult.com
Tel.: +49 (0) 152 523 334 67

Contact details of the Data Protection Officer

The company Data Protection Officer can be contacted via the above-mentioned address, FAO Data Protection Officer, or via datenschutz(at)markt-consult.com.

B. Information on data processing

2. Data processing with regard to website visits
When you visit our website www.markt-consult.com, your browser automatically sends information to our website’s server. This information is temporarily saved in a “log file”. The following information is collected and stored without any action on your part until it is automatically deleted:

  • the accessing computer’s IP address;
  • the date and time of access;
  • the name and URL of the file accessed;
  • the website from which you are visiting us (referrer URL),
  • the browser used and, where appropriate, your computer’s operating system and the name of your access provider.

The aforementioned data will be processed by us for the following purposes:

  • To ensure a seamless connection to the website;
  • To ensure you are able to use our website properly;
  • to assess system security and stability;
  • for other administrative purposes.

The legal basis for data processing is Article 6(1)(1)(f) GDPR. The aforementioned purposes of data collection provide the basis for our legitimate interests. Under no circumstances do we use collected data to draw conclusions about your person.

3. Data processing with regard to job applications

Purposes and type of processing:

mc markt-consult collects and processes applicants’ personal data for the purposes of the application procedure. This processing may also be performed electronically. This is the case if an applicant sends us their application documents by email, for example.

Categories of data subjects and categories of personal data:

The data subjects are job applicants. 

The categories of personal data are first name and surname, address data, communication data and all data provided by an applicant during the application process.

Legal basis

The legal basis for data processing is Article 6(1)(1)(b) GDPR.

In addition, the basis for data processing is our legitimate interest in accordance with Article 6(1)(f) GDPR. 

Transmission of data 

Your data will be given only to the management or the human resources department as part of the application process. There shall be no other forwarding of your data. No data shall be transferred to any body in a so-called third country, i.e. neither in an EU or European Economic Area (EEA) state nor in a state for which the Commission has made an adequacy decision, nor is this planned.

Duration of storage

Regardless of the outcome, your personal data will be stored until the end of the application process.

If mc markt-consult concludes an employment contract with an applicant, the transmitted data will be stored for the purposes of processing the employment relationship in compliance with the statutory provisions.

If mc markt-consult does not conclude an employment contract with the applicant, the application documents will be deleted six months after notification of the rejection decision, unless the deletion is contrary to any other legitimate interests of mc markt-consult. Other legitimate interests in this sense include a burden of proof in proceedings under the German General Act on Equal Treatment.

4. Data processing with regard to contact by post

Purposes and type of processing:

If you write a letter to mc markt-consult, the data you provide (e.g. surname, first name, address) and the information contained in the letter (any personal data you may have provided) will be collected and stored for the purpose of contacting you and processing the matter of your letter.

Categories of data subjects and categories of personal data:

The data subject is you as the sender of the letter. 

The categories of personal data are first name and surname, address data, communication data and all data provided by you in your letter.

Legal basis

The legal basis for data processing is Article 6(1)(1)(f) GDPR.

Data processing is carried out for our legitimate interest to deal with the matter of your letter.

Transmission of data 

Your data will be passed on only to the relevant specialist department in the course of processing. There shall be no other forwarding of your data. No data shall be transferred to any body in a so-called third country, i.e. neither in an EU or EEA state nor in a state for which the Commission has made an adequacy decision, nor is this planned.

Duration of storage

Your personal data will be stored for as long as is necessary to process and deal with the matter that led you to contact us. Otherwise, your data will be stored in compliance with the statutory retention periods, in particular those for commercial letters in accordance with the German Commercial Code.

5. Data processing with regard to contact by telephone

Purposes and type of processing:

If you contact an employee of mc markt-consult by telephone, the data you provide (e.g. surname, first name, address) and the information received in the process (any personal data you may have provided) will be collected and stored for the purpose of contacting you and processing the matter of your call.

Categories of data subjects and categories of personal data:

The data subject is you as the caller. 

The categories of personal data are first name and surname, address data, communication data and all data provided by you in the telephone conversation.

Legal basis

The legal basis for data processing is Article 6(1)(1)(f) GDPR.

Data processing is carried out for our legitimate interest to deal with the matter of your call.

Transmission of data 

Your data will be passed on only to the relevant specialist department in the course of processing. There shall be no other forwarding of your data. No data shall be transferred to any body in a so-called third country, i.e. neither in an EU or EEA state nor in a state for which the Commission has made an adequacy decision, nor is this planned.

Duration of storage

Your personal data will be stored for as long as is necessary to process and deal with the matter that led you to contact us. Otherwise, your data will be stored in compliance with the statutory retention periods, in particular those for commercial letters in accordance with the German Commercial Code.

6. Data processing with regard to surveys

Respondents participating in a survey conducted by mc on behalf of one of its clients are not invited to participate in the survey by mc itself. Respondents are invited by the external test studio where the survey is conducted or by the external provider of an online panel which has a pool of registered persons who have agreed to participate repeatedly in online surveys.

If the survey is conducted as an individual interview or in the form of a group discussion, the test studio does not provide mc with any identifying personal data, as defined by data protection laws, about the respondent or respondents. mc only receives the information that the participants in the survey themselves provide during the individual interview or group discussion on the topic of the survey. 

If a survey is conducted via/by an online panel, the provider of this panel sends the texts of the survey to the respondent via its server. mc has no access to the respondent’s personal data (e.g. their contact details, IP address). mc only receives the questionnaires completed by the respondent and processes the responses for the purpose of the survey. 

If mc arranges a survey or the recruitment of individual persons by telephone, mc only receives the necessary contact details (first name and surname, address and telephone number and/or email address of the respondent) from the respective client for this purpose. mc’s client has collected these data from the respondent and transmitted them to mc for the purpose of the survey. mc only collects and stores these data and transmits them to the test studio for the purpose of establishing contact for the survey or recruitment by the test studio commissioned by mc. The legal basis for this data processing is the contract with our client (Article 6(1)(b) GDPR). These data are not passed on to third parties apart from the test studio. These data are stored until the end of the survey project and deleted after three months. The data are stored on servers in Germany.

7. Data processing with regard to
customer relationship management (CRM) 

We process the data of our contractual partners and business partners, e.g. customers and service providers (collectively referred to as “contractual partners”), as part of contractual and similar legal relationships and the associated measures and as part of communications with contractual (or prospective contractual partners), e.g. responding to enquiries (hereinafter “CRM” – customer relationship management).

We process these data in order to fulfil our contractual obligations, to safeguard our rights and for the purposes of the administrative tasks associated with these data, as well as for business organisation. 

We have commissioned an external service provider to process these data (HubSpot, Inc.) with whom we have concluded a data processing agreement. HubSpot is a customer relationship management software program that offers applications for marketing, sales and service. Our cooperation with HubSpot complies with Article 44 et seq. of the GDPR, which governs the transfer of data to EU third countries.

Furthermore, we only disclose our contractual partners’ data to third parties within the scope of the applicable law to the extent that this is necessary for the aforementioned purposes or for the fulfilment of legal obligations or with the consent of the data subjects (e.g. to participating telecommunications, transport and other auxiliary services, banks, tax and legal advisors, payment service providers or tax authorities). 

We process data in the CRM system that are required for the aforementioned purposes. Primarily these comprise contact details and data in connection with the performance of the contractual relationship (see below).

In the case of personal data in the CRM system, we check whether further storage is required after two years, at the end of the calendar year. If this is not required, the data will be deleted.

This does not include data classed as business letters within the meaning of the German Commercial Code or as accounting-relevant data. The respective statutory retention obligations apply here.

Types of data processed: 

First name, surname, company name, job title, note, contact type, languages (coder, translator), phone number, mobile number, fax number, email address, website URL, address line, city (office), state/region, postcode, country/region, title, industry, mc employee responsible for contact, Christmas, blocking notice, contact priority, customer type, project (enquiry, order), alternative address.

Data subjects: 

Prospects, business partners and contractual partners

Purposes of processing: 

Provision of contractual services and customer service, contact requests and communication, office and organisational procedures, administration and response to enquiries, security measures.

Legal bases: 

Contractual performance and pre-contractual enquiries (Article 6(1)(1)(b) GDPR), legal obligation (Article 6(1)(1)(c) GDPR), legitimate interests (Article 6(1)(1)(f) GDPR).

Service provider used:

HubSpot Inc., registered in the commercial register of the US State of Delaware. Address: 

25 First Street, Cambridge, MA 02141 (Massachusetts), USA. Website https://hubspot.com. Further details on data processing by HubSpot can be found at https://knowledge.hubspot.com/account/hubspot-cloud-infrastructure-frequently-asked-questions. 

8. Legal basis for the processing of personal data

If we obtain the consent of the data subject to process their personal data, Article 6(1)(a) of the General Data Protection Regulation (GDPR) serves as the legal basis for the processing of personal data.

When processing personal data necessary for the performance of a contract to which the data subject is party, Article 6(1)(b) GDPR shall serve as the legal basis. This also applies to any processing required to perform pre-contractual measures.
If processing of personal data is necessary for compliance with a legal obligation to which we are subject, Article 6(1)(c) GDPR shall serve as the legal basis.
If processing is necessary to safeguard the legitimate interests of our company or of a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject, Article 6(1)(f) GDPR shall serve as the legal basis for processing.

9. Transmission of data
There will be no transfer of your personal data to third parties for reasons other than those already mentioned and those listed below.
We will only transmit your personal data to third parties if:

  1. you have given your express permission for us to do so, in accordance with Article 6(1)(1)(a) of the GDPR;
  2. the transfer of data is necessary for the establishment, exercise or defence of legal claims in accordance with Article 6(1)(1)(f) of the GDPR, and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data;
  3. there is a legal obligation for the transfer of data, in accordance with Article 6(1)(1)(c) of the GDPR;
  4. this is legally permissible and necessary for the settlement of the terms of the contract with you, in accordance with Article 6(1)(1)(b) of the GDPR.

C. Cookies

10. Cookies* 

a) Session cookies 

We use cookies on our website. Cookies are small text files or other storage technologies stored on your computer by your browser. These cookies process certain specific information about you, such as your browser, location data, or IP address.   

This processing makes our website more user friendly, efficient and secure, allowing us, for example, to display our website in different languages. 

The legal basis for such processing is Article 6(1)(b) GDPR, insofar as these cookies are used to collect data to initiate or process contractual relationships. If the processing does not serve to initiate or process a contract, our legitimate interest lies in improving the functionality of our website. The legal basis is then Article 6(1)(f) GDPR. 

When you close your browser, these session cookies are deleted. 

b) Third-party cookies 

If necessary, our website may also use cookies from partner companies with whom we cooperate for the purpose of advertising, analysing, or improving the features of our website. Please refer to the following information for details, in particular for the legal basis and purpose of such third-party collection and processing of data collected through cookies.

 

c) Disabling cookies 

You can prevent or limit the installation of cookies by changing the settings on your browser. Likewise, you can delete cookies that have already been stored at any time. However, the steps and measures required vary depending on the browser you use. If you have any questions, please use the help function or consult the documentation for your browser or contact its producer for support.

If you prevent or restrict the installation of cookies, not all of the functions on our site may be fully usable.

11. Cookiebot* 

We use Cookiebot to display cookie banners. Cookiebot is a product of Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark, hereinafter “Cybot”. Cookiebot informs the user about the use of cookies on the website and allows the user to make a decision about their use. 

If the user agrees to the use of cookies, the following data will be automatically recorded by Cybot:

 

  • the user’s anonymised IP address; 
  • the date and time of consent; 
  • the user agent of the user’s browser; 
  • the provider’s URL;
  • an anonymous, random and encrypted key; 
  • the user’s cookie status which serves as proof of consent. 

The encrypted key and cookie status are stored by means of a cookie on the user’s device to enable the corresponding cookie status to be restored when the user returns to our site. This cookie is automatically deleted after 12 months.  

The legal basis for this is Article 6(1)(f) GDPR. Our legitimate interest is in the user-friendliness of the website and the fulfilment of the statutory requirements of GDPR. 

The user can prevent cookies from being installed and stored, and/or delete this cookie by adjusting the settings on his or her internet browser. Go to this link to read the Cybot privacy policy: 

https://www.cookiebot.com/de/privacy-policy/   

D. Social media, embedded services and content

12. LinkedIn*

We maintain an online presence on LinkedIn to present our company and our services and to communicate with customers/prospects. LinkedIn is a service of LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland, a subsidiary of LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA.

We would like to point out that these user data may be processed outside the European Union, particularly in the United States. This may increase risks for users that, for example, may make subsequent access to the user data more difficult.

 We also do not have access to these user data. Access is only available to LinkedIn. The LinkedIn privacy policy can be found at https://www.linkedin.com/legal/privacy-policy. 

If the user contacts us via LinkedIn, the user’s personal data provided at that time will be used to process the enquiry and stored in the CRM system. We will check whether further storage is required after two years, at the end of the calendar year. If this is not required, the data will be deleted. 

This does not include data classed as business letters within the meaning of the German Commercial Code or as accounting-relevant data. The respective statutory retention obligations apply here.

13. Facebook* 

To advertise our products and services as well as to communicate with prospects or customers, we have a presence on the Facebook platform. 

On this social media platform, we are jointly responsible with Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. 

The data protection officer of Facebook can be reached via this contact form: 

https://www.facebook.com/help/contact/540977946302970  

We have defined the joint responsibility in an agreement regarding the respective obligations within the meaning of the GDPR. This agreement, which sets out the reciprocal obligations, is available at the following link: 

https://www.facebook.com/legal/terms/page_controller_addendum  

The legal basis for the processing of the resulting and subsequently disclosed personal data is Article 6(1)(f) GDPR. Our legitimate interest lies in the analysis, communication, sales and promotion of our products and services. 

The legal basis may also be the user’s consent per Article 6(1)(a) GDPR granted to the platform operator. Per Article 7(3) GDPR, the user may revoke this consent at any time with future effect by notifying the platform operator. 

When accessing our online presence on the Facebook platform, Facebook Ireland Ltd. as the operator of the platform in the EU will process the user’s data (e.g. personal information, IP address, etc.). 

These user data are used for statistical information on the use of our company presence on Facebook. Facebook Ireland Ltd. uses these data for market research and advertising purposes as well as for the creation of user profiles. Based on these profiles, Facebook Ireland Ltd. can provide advertising both within and outside of Facebook based on the user’s interests. If the user is logged into Facebook at the time of accessing our site, Facebook Ireland Ltd. will also link these data to the respective user account. 

If the user contacts us via Facebook, the user’s personal data provided at that time will be used to process the enquiry and stored in the CRM system. We will check whether further storage is required after two years, at the end of the calendar year. If this is not required, the data will be deleted. 

This does not include data classed as business letters within the meaning of the German Commercial Code or as accounting-relevant data. The respective statutory retention obligations apply here.

Facebook Ireland Ltd. may also set cookies when processing the data. 

If the user does not agree to this processing, there is the option of preventing the installation of cookies by modifying the appropriate browser settings. Cookies that have already been saved can also be deleted at any time. The instructions to do this depend on the browser used. If the user prevents or restricts the installation of cookies, not all of the functions of Facebook may be fully usable. 

Details on the processing activities, their suppression and the deletion of the data processed by Facebook can be found in its privacy policy: 

https://www.facebook.com/privacy/explanation  

It cannot be excluded that the processing by Facebook Ireland Ltd. will also take place in the United States by Facebook Inc., 1601 Willow Road, Menlo Park, California 94025. 

14. Instagram* 

To advertise our products and services as well as to communicate with prospects or customers, we have a presence on the Instagram platform. On this social media platform, we are jointly responsible with Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The data protection officer of Instagram can be reached via this contact form: 

https://www.facebook.com/help/contact/540977946302970  

We have defined the joint responsibility in an agreement regarding the respective obligations within the meaning of the GDPR. This agreement, which sets out the reciprocal obligations, is available at the following link: 

https://www.facebook.com/legal/terms/page_controller_addendum 

The legal basis for the processing of the resulting and subsequently disclosed personal data is Article 6(1)(f) GDPR. Our legitimate interest lies in the analysis, communication, sales and promotion of our products and services. The legal basis may also be the user’s consent per Article 6(1)(a) GDPR granted to the platform operator. Per Article 7(3) GDPR, the user may revoke this consent at any time with future effect by notifying the platform operator. 

When accessing our online presence on the Instagram platform, Facebook Ireland Ltd. as the operator of the platform in the EU will process the user’s data (e.g. personal information, IP address, etc.). These user data are used for statistical information on the use of our company presence on Instagram. Facebook Ireland Ltd. uses these data for market research and advertising purposes as well as for the creation of user profiles. Based on these profiles, Facebook Ireland Ltd. can provide advertising both within and outside of Instagram based on the user’s interests. If the user is logged into Instagram at the time of accessing our site, Facebook Ireland Ltd. will also link these data to the respective user account. 

If the user contacts us via Instagram, the user’s personal data provided at that time will be used to process the enquiry and stored in the CRM system. We will check whether further storage is required after two years, at the end of the calendar year. If this is not required, the data will be deleted. 

This does not include data classed as business letters within the meaning of the German Commercial Code or as accounting-relevant data. The respective statutory retention obligations apply here.

Facebook Ireland Ltd. may also set cookies when processing the data. 

If the user does not agree to this processing, there is the option of preventing the installation of cookies by modifying the appropriate browser settings. Cookies that have already been saved can also be deleted at any time. The instructions to do this depend on the browser used. If the user prevents or restricts the installation of cookies, not all of the functions of Instagram may be fully usable. 

Details on the processing activities, their suppression, and the deletion of the data processed by Instagram can be found in its privacy policy:

 

https://help.instagram.com/519522125107875  

It cannot be excluded that the processing by Facebook Ireland Ltd. will also take place in the United States by Facebook Inc., 1601 Willow Road, Menlo Park, California 94025. 

15. Social media links via graphics or text links* 

We also integrate the following social media sites into our website. The integration takes place via a linked graphic of the respective site. The use of this linked graphic prevents automatic connection to the servers of these social networks to display a graphic of that network when accessing a website with a social media application.

 Only by clicking on the corresponding graphic will the user be forwarded to the service of the respective social network. Once the user is forwarded, that network will record information about the user. It cannot be ruled out that such data will be processed in the United States. 

Initially, these data include such things as the user’s IP address, the date and time of the user’s visit and the page visited. If the user is logged into his or her user account on that network, however, the network operator may assign the information collected about the user’s visit to our site to his or her personal account. If the user interacts by clicking a Share button, this information may be stored in the user’s personal account and possibly posted on the respective network. To prevent the information collected being assigned directly to his or her user account, the user must log out of his or her social media account before clicking on the graphic. The various social media networks also offer settings that you can configure accordingly. 

The following social networks are integrated into our site by linked graphics: 

Facebook 

Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, a subsidiary of Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA. 

Privacy Policy: https://www.facebook.com/policy.php  

LinkedIn 

LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland, a subsidiary of LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085 USA. 

Privacy Policy: https://www.linkedin.com/legal/privacy-policy  

Instagram 

Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, a subsidiary of Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA. 

Privacy Policy: https://help.instagram.com/519522125107875  

16. Analysis & tracking tools* 

Google Analytics 

We use Google Analytics on our website. This is a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: “Google”). The Google Analytics service is used to analyse how our website is used. The legal basis for this is Article 6(1)(f) GDPR. Our legitimate interest lies in the analysis, optimisation and economic operation of our site. 

Usage- and user-related information, such as IP address, place, time or frequency of your visits to our website will be transmitted to a Google server in the United States and stored there. However, we use Google Analytics with the so-called anonymisation function, whereby Google truncates the IP address within the EU or the EEA. 

The data collected in this way are in turn used by Google to provide us with an evaluation of visits to our website and what visitors do once there. These data can also be used to provide other services related to the use of our website and of the internet in general. 

Google states that it will not connect your IP address to other data. In addition, Google provides further information with regard to its data protection practices at 

https://policies.google.com/technologies/partner-sites including options you can exercise to prevent such use of your data. 

In addition, Google offers an opt-out add-on at https://tools.google.com/dlpage/gaoptout?hl=en in addition to further information. This add-on can be installed on most popular browsers and offers you further control over the data that Google collects when you visit our website. The add-on informs Google Analytics’ JavaScript (ga.js) that no information about the website visit should be transmitted to Google Analytics. However, this does not prevent information from being transmitted to us or to other web analytics services we may use as detailed herein. 

Google reCAPTCHA 

Our website uses Google reCAPTCHA to check and prevent automated servers (“bots”) from accessing and interacting with our website. This is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: “Google”). 

This service allows Google to determine from which website your request has been sent and from which IP address the reCAPTCHA input box has been used. In addition to your IP address, Google may collect other information necessary to provide and guarantee this service.    

The legal basis for this is Article 6(1)(f) GDPR. Our legitimate interest lies in the security of our website and in the prevention of unwanted, automated access in the form of spam or similar. 

Google offers detailed information at https://policies.google.com/privacy concerning the general handling of your user data. 

Google Fonts 

Our website uses Google Fonts to display external fonts. This is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: “Google”). To enable the display of certain fonts on our website, a connection to the Google server in the USA is established whenever our website is accessed. 

The legal basis for this is Article 6(1)(f) GDPR. Our legitimate interest lies in the optimisation and economic operation of our site. When you access our site, a connection to Google is established from which Google can identify the site from which your request has been sent and to which IP address the fonts are being transmitted for display Google offers detailed information at 

https://adssettings.google.com/authenticated and https://policies.google.com/privacy in particular on options for preventing the use of data. 

FontAwesome 

In order to be able to display fonts and visual elements of our website, we use FontAwesome’s external fonts. FontAwesome is a service of Fonticons Inc., 6 Porter Road, Apartment 3R, Cambridge, MA 02140, USA, hereinafter referred to as “FontAwesome”. 

When you access our website, a connection is established to the FontAwesome server in the USA in order to enable and update the display of fonts and visual elements. 

The legal basis for this is Article 6(1)(f) GDPR. Our legitimate interest lies in the optimisation and economic operation of our site. 

By connecting to the FontAwesome server when you access our website, FontAwesome can determine from which website your request was sent and to which IP address the font should be sent. FontAwesome offers further information at https://fontawesome.com/privacy in particular on the options for preventing data use. 

*Source for Sections 10 – 16: Kanzlei Weiß & Partner privacy policy generator (https://www.ratgeberrecht.eu/leistungen/muster-datenschutzerklaerung.html)

17. Data security
We also use appropriate technical and organisational security measures to protect your data from accidental or deliberate manipulation, partial or complete loss or destruction, or unauthorised access by third parties. We are constantly improving our safety measures in keeping with technological developments. 

E. Your rights as a user / data subject

18. Rights as a data subject

You have the right:

  1. in accordance with Article 15 GDPR, to request information about your personal data processed by us. In particular, you can request information on the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the scheduled retention period, the right to rectification, cancellation, limitation of processing or objection, existence of a right to appeal, the source of their data if not collected from us, and the existence of automated decision-making including profiling and, where appropriate, meaningful information about their details;
  2. in accordance with Article 16 GDPR, to request rectification of the personal data we have stored should this be incorrect or erroneous,
  3. in accordance with Article 17 GDPR, to request deletion of your personal data stored by us, unless the processing is required to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
  4. in accordance with Article 18 GDPR, to demand the restriction of the processing of your personal data, if the accuracy of the data is contested by you, the processing is unlawful, but you reject their deletion and we no longer need the data, but you need it to assert, exercise or defend legal claims or you have objected to processing in accordance with Art. 21 GDPR;
  5. in accordance with Article 20 GDPR, you have the right to receive the personal data that you have provided to us, in a structured, commonly used and machine-readable format, or to request the transfer to another person responsible;
  6. in accordance with Article 7(3) GDPR, to withdraw your consent given to us. As a result, we are not allowed to continue the data processing based upon this consent for the future;
  7. in accordance with Article 77 GDPR, to complain to a regulatory authority. Typically, you can contact our company (see below), or the regulatory authority of your location or workplace.

19. Right to object
Insofar as your personal data are processed on the basis of legitimate interests in accordance with Article 6(1)(1)(f) GDPR, you have the right to object to the processing of your personal data in accordance with Article 21 GDPR as long as there are reasons relating to your particular situation, or if your objection is to direct advertising. In the latter case, you have a general right to object, which we will accept without you having to provide details of your particular situation.

If you wish to exercise your right of withdrawal or right to object, please send an email to datenschutz(at)markt-consult.com 

20. Regulatory authority for data protection
If you wish to complain about the way we process your information, you have the opportunity to contact a regulatory authority for data protection. The address is as follows:

Freie und Hansestadt Hamburg
Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit
Prof. Dr. Johannes Caspar
Ludwig-Erhard-Strasse 22 (7th floor), 20459 Hamburg, Germany

Tel.: Tel.: 40 / 428 54 – 4040
Fax: 40 / 428 54 – 4000
Email: mailbox(at)datenschutz.hamburg.de

21. Validity and Changes to this Privacy Policy

This data protection declaration is currently valid (last updated: April 2021).

Due to further development of our website and offers thereof or due to changes in the legal or official regulations, it may be necessary to change this privacy policy. You can retrieve and print out the privacy policy at any time from the website at https://markt-consult.com/privacy-policy?lang=en.