Data protection notice

Thank you for visiting our website mkm-datenschutz.de and for your interest in our company.

We are committed to protecting your personal data, e.g. date of birth, name, telephone number, address, etc.

This Privacy Policy is intended to inform you about the processing of any personal data that we may collect from you when you visit our website. Our data protection practices comply with the legal regulations of the EU’s General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). The following Privacy Policy serves to fulfill the information obligations stemming from the GDPR. These can be found, for example, in Art. 13 and Art. 14 et seq. of the GDPR.

Person responsible

The person responsible as defined in Art. 4 No. 7 of the GDPR is the person who alone or jointly with others determines the purposes and means of the processing of personal data.

With regard to our website, the responsible party is:

MKM Datenschutz GmbH
Äußere Sulzbacher Str. 118
90491Nuremberg
Germany
E-mail: info@mkm-datenschutz.de
Phone: +49911 990 860-0

Provision of the website and creation of log files

Each time our website is accessed, our system automatically collects data and information from the respective retrieving device (e.g. computer, cell phone, tablet, etc.).

What personal data is collected and to what extent is it processed?

(1) Information about the browser type and version used;

(2) The operating system of the accessing device;

(3) Host name of the accessing computer;

(4) The IP address of the retrieval device;

(5) Date and time of access;

(6) Websites and resources (images, files, other page content) that were accessed on our website;

(7) Websites from which the user’s system accessed our Internet site (referrer tracking);

(8) Message as to whether the retrieval was successful;

(9) Volume of data transferred

This data is stored in the log files of our system. These data are not stored together with personal data of a specific user, thus an identification of individual site visitors is not possible.

Legal basis for the processing of personal data

Art. 6 para. 1 lit. f GDPR (legitimate interest). Our legitimate interest is to ensure the achievement of the purpose described below.

Purpose of the data processing

The temporary (automated) storage of data is necessary for the course of a website visit to enable delivery of the website. The storage and processing of personal data is also carried out to maintain the compatibility of our website for as many visitors as possible and to combat abuse and eliminate malfunctions. For this purpose, it is necessary to log the technical data of the retrieving computer in order to be able to react as early as possible to display errors, attacks on our IT systems and/or errors in the functionality of our website. In addition, we use the data to optimize the website and to generally ensure the security of our information technology systems.

Duration of storage

The deletion of the aforementioned technical data takes place as soon as they are no longer needed to ensure the compatibility of the website for all visitors, but no later than 3 months after accessing our website.

Possibility of objection and deletion

You may object to the processing at any time as per Art. 21 of the GDPR and request deletion of data as per Art. 17 of the GDPR. You can find out which rights you have and how to assert them in the lower section of this Privacy Policy.

Special functions of the website

Our site offers you various functions, during the use of which personal data is collected, processed and stored by us. Below we explain what happens to this data:

Contact form(s)

  • What personal data is collected and to what extent is it processed?

The data you have entered in the input mask of our contact forms.

  • Legal basis for the processing of personal data

Art. 6 para. 1 lit. a of the GDPR (consent through clear confirming action or behavior).

  • Purpose of data processing

We will use the data taken via our contact form only for processing the specific contact request received through the contact form. Please note that in order to fulfill your contact request, we may also send you e-mails to the address provided. This is done to ensure that you can receive confirmation from us that your request has been correctly forwarded to us. However, sending this confirmation e-mail is not obligatory for us and is only for your information.

  • Duration of storage

After processing your request, the collected data will be deleted immediately, unless there are legal retention periods.

  • Revocation and deletion options

The revocation and deletion options are based on the general regulations on the right of revocation and deletion under data protection law described below in this Privacy Policy.

  • Necessity of providing personal data

The use of the contact forms is on a voluntary basis and is neither contractually nor legally required. You are not obliged to contact us via the contact form, but can also use the other contact options provided on our site. If you wish to use our contact form, you must fill in the fields marked as mandatory. If you do not fill in the required information of the contact form, you will either not be able to send the request or we will unfortunately not be able to process your request.

Newsletter registration form

  • What personal data is collected and to what extent is it processed?

By registering for the newsletter on our website, we receive the e-mail address entered by you in the registration field and, if applicable, further contact data, provided that you communicate this to us via the newsletter registration form.

  • Legal basis for the processing of personal data

Art. 6 para. 1 lit. a of the GDPR (consent by unambiguous confirming action or behavior).

  • Purpose of data processing

We will use the data recorded in the registration mask of our newsletter exclusively for sending our newsletter, in which we inform you about all our services and our news. After registration, we will send you a confirmation e-mail containing a link that you must click to complete the registration for our newsletter (double opt-in).

  • Duration of storage

You can cancel our newsletter at any time by clicking on the unsubscribe link, which is also included in every newsletter. We will delete your data immediately after unsubscribing, unless there is a legal obligation to retain it. Likewise, we will immediately delete your data in the event that your subscription is not completed. We reserve the right to delete without giving reasons and without prior or subsequent information.

  • Revocation and deletion options

The revocation and deletion options are based on the general regulations on the right of revocation and deletion under data protection law described below in this Privacy Policy.

  • Necessity of providing personal data

If you wish to use our newsletter, you must fill in the fields marked as mandatory and confirm your e-mail address by clicking on the double opt-in link. The information provided for newsletter registration is neither necessary to enter into a contract with us nor legally binding. They are used exclusively for sending our newsletter. If you do not fill in the mandatory fields, we will unfortunately not be able to provide you with our newsletter service.v

Appointment booking form

  • Scope of the processing of personal data

The data entered by you as part of our appointment booking form.

  • Legal basis for the processing of personal data

Art. 6 para. 1 lit. b of the GDPR (implementation of (pre)contractual measures).

  • Purpose of data processing

We will only use the data collected via our appointment booking form for the processing of appointment requests received through the appointment booking form.

  • Duration of storage

Your appointment booking will be deleted by us immediately after the expiration of 12 months after the appointment was scheduled, unless there is a legal obligation to keep it. We reserve the right to delete your data without giving reasons and without prior or subsequent notification.

  • Necessity of providing personal data

Although the use of our appointment booking form is neither contractually nor legally required, it is necessary if you wish to book an appointment with us online. To book online, you must provide certain mandatory information. If you do not fill in the mandatory information completely, your appointment booking cannot be accepted or processed.

Statistical analysis of visits to this website – Webtracker

We collect, process and store the following data when you visit this website or individual files on the website: IP address, website from which the file was accessed, name of the file, date and time of access, amount of data transferred and report on the success of the access (so-called web log). We use this access data exclusively in non-personalized form for the continuous improvement of our Internet offering and for statistical purposes. We also use the following web trackers to evaluate visits to this website:

Matomo (local)

  • Scope of the processing of personal data

Our website contains a tracking code from Matomo (formerly Piwik), an open-source web analysis tool (https://matomo.org). In this regard, we alone carry out the web tracking without any reference to persons. Matomo is hosted on our own server infrastructure for this purpose. There is therefore no transmission to third parties.

We collect, process and store usage data about the use of our site, such as referrer links, the length of stay on certain URLs, the clickstream and also data about your browser settings, such as the vendor of the browser and also its version, the screen resolution and the operating system used.

Art. 6 para. 1 lit f of the GDPR is the legal basis for the legitimate interest in the analysis of the website.

If necessary, we also collect and store parts of your IP address and information about the loading speed of our website. From this data, we can only create anonymous usage profiles and extract statistical information. We also use cookies as part of Matomo web tracking to distinguish returning site visitors from first-time visitors. Cookies are small text files that are stored locally in the memory of your Internet browser and contain a separate ID and possibly other technical information. The data collected in this context will not be merged with other personal data we may have without your separate consent.

  • Legal basis for the processing of personal data

In many cases there is no personal reference. If a reference to a person does arise, Art. 6 para. 1 lit f of GDPR constitutes the legal basis for the collection and the legitimate interest in the analysis of our website.

  • Purpose of data processing

The purpose of conducting web tracking is to analyze user flows in order to enable us to anonymously monitor the functionality and user-friendliness of our website and to constantly improve our Internet offering. Its sole purpose is to collect statistical, non-personal data.

  • Duration of storage

We store all web tracking data collected by means of Matomo for an indefinite period of time, insofar as this data is only available to us in anonymized form. If the data is not anonymized, we will delete it after 12 months at the latest.

  • Possibility of objection and deletion

You can prevent the collection of the aforementioned data and its processing by installing a JavaScript blocker to prevent the collection of other app analysis data. Insofar as a personal reference should arise, you can revoke your consent at any time according to the provisions outlined in this Privacy Policy.

Integration of external web services and processing of data outside the EU

We use active content from external providers, so-called web services, on our website. By opening our website, these external providers may receive personal information about your visit to our website. This may involve the processing of data outside the EU. You can prevent this by installing an appropriate browser plug-in or disabling the execution of scripts in your browser. This may result in functional restrictions on Internet pages that you visit.

We use the following external web services:

  • Bootstrap CDN

On our website, a web service of the company StackPath, LLC, 2021 McKinney Avenue, Suite 1100, 75201 Texas, United States of America (hereinafter: Bootstrap CDN) is reloaded. We use this data to ensure the full functionality of our website. For this purpose, your browser may transmit personal data to Bootstrap CDN. Art. 6 para. 1 lit. f of the GDPR is the legal basis for the data processing. The legitimate interest consists in an error-free function of the website. The standard contractual clauses concluded between us and StackPath, LLC serve as the legal basis for the transfer to a third country without an adequacy decision. According to Art. 46 of the GDPR, this constitutes an appropriate guarantee as defined by the GDPR. The deletion of the data takes place as soon as the purpose of its collection has been fulfilled. For more information on the handling of the transferred data, please refer to the Privacy Policy of Bootstrap CDN: https://www.bootstrapcdn.com/privacy-policy/.

You can prevent the collection as well as the processing of your data by Bootstrap CDN by disabling the execution of script code in your browser or installing a script blocker.

  • CloudFlare

On our website, a web service of the company Cloudflare, Inc, 101 Townsend St, 94107 San Francisco, United States of America (hereinafter: CloudFlare) is reloaded. We use this data to ensure the full functionality of our website. In this context, your browser may transmit personal data to CloudFlare. Art. 6 para. 1 lit. f of the GDPR is the legal basis for the data processing. The legitimate interest consists in an error-free function of the website. The standard contractual clauses concluded between us and Cloudflare, Inc. serve as the legal basis for the transfer to a third country without an adequacy decision. According to Art. 46 of the GDPR, this constitutes an appropriate guarantee as defined by the GDPR. The deletion of the data takes place as soon as the purpose of their collection has been fulfilled. For more information on the handling of the transferred data, please refer to the Privacy Policy of CloudFlare: https://www.cloudflare.com/privacypolicy/. You can prevent the collection as well as the processing of your data by CloudFlare by disabling the execution of script code in your browser or installing a script blocker.

  • Google Fonts

A web service of the company Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland (hereinafter: Google Fonts) is reloaded on our website. We use this data to ensure the full functionality of our website. In this context, your browser may transmit personal data to Google Fonts. Art. 6 para. 1 lit. f of the GDPR constitutes the legal basis for the data processing. The legitimate interest consists in an error-free function of the website. The data is deleted as soon as the purpose of its collection has been fulfilled. For more information on the handling of the transferred data, please refer to the Privacy Policy of Google Fonts: https://policies.google.com/privacy

You can prevent the collection as well as the processing of your data by Google Fonts by disabling the execution of script code in your browser or installing a script blocker in your browser.

  • Google APIS

A web service of the company Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland (hereinafter: Google APIS) is reloaded on our website. We use this data to ensure the full functionality of our website. In this context, your browser may transmit personal data to Google APIS. The legal basis for the data processing is Art. 6 para. 1 lit. f of the GDPR. The legitimate interest consists in an error-free function of the website. The data is deleted as soon as the purpose of its collection has been fulfilled. For more information on the handling of the transmitted data, please refer to the Privacy Policy of Google APIS: https://policies.google.com/privacy.

You can prevent the collection as well as the processing of your data by Google APIS by disabling the execution of script code in your browser or by installing a script blocker in your browser.

  • Gstatic

A web service of the company Google Ireland Limited, Gordon House, Barrow Street, 4 Dublin, Ireland (hereinafter: Gstatic) is reloaded on our website. We use this data to ensure the full functionality of our website. In this context, your browser may transmit personal data to Gstatic. The legal basis for the data processing is Art. 6 para. 1 lit. f of the GDPR. The legitimate interest consists in an error-free function of the website. The data is deleted as soon as the purpose of its collection has been fulfilled. For more information on the handling of the transmitted data, please refer to the Privacy Policy of Gstatic: https://policies.google.com/privacy.

You can prevent the collection as well as the processing of your data by Gstatic by disabling the execution of script code in your browser or by installing a script blocker in your browser.

  • JQuery

On our website, a web service of the company The Linux Foundation, 1 Letterman Drive, Building D, Suite D4700, CA 94129 San Francisco, United States of America (hereinafter: JQuery) is reloaded. If you have activated Java script in your browser and have not installed a Java script blocker, your browser may transmit personal data to JQuery. You can find more information on the handling of the transmitted data in the Privacy Policy of JQuery: https://js.foundation/wp-content/uploads/sites/33/2017/03/JS-Foundation-IP-Policy.pdf.

You can prevent the collection as well as the processing of your data by JQuery by disabling the execution of script code in your browser or installing a script blocker in your browser.

Information on the use of cookies

Scope of the processing of personal data

On various pages, we integrate and use cookies to enable certain functions of our website and to integrate external web services. The so-called “cookies” are small text files that your browser can store on your access device. These text files contain a characteristic string that uniquely identifies the browser when you return to our website. The process of saving a cookie file is also referred to as “setting a cookie”. Cookies can be set here both by the website itself and by external web services.

Legal basis for the processing of personal data

Art. 6 para. 1 lit. f of the GDPR (legitimate interest) or Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a of the GDPR (consent).

The relevant legal basis can be found in the cookie table listed later in this point.

Broadly speaking, for cookies that are collected on the basis of a legitimate interest, our legitimate interest is to ensure the functionality of our website and the services integrated on it (technically necessary cookies). In addition, it may be that the cookies increase their user-friendliness and enable a more individualized approach. Here, we have weighed your interests against our interests.

Cookie technology allows us to identify, analyze and track individual website visitors only if the website visitor has consented to the use of the cookie in accordance with Art. 6 (1) lit. a of the GDPR.

Purpose of data processing

Cookies are set by our website or external web services to maintain the full functionality of our website, to improve the user experience or to pursue the purpose stated with your consent. Cookie technology also allows us to recognize individual visitors by pseudonyms, such as a unique or random IDs, so that we can provide more customized services. Details are listed in the table below.

Duration of storage

The cookies listed below are stored in your browser until they are deleted or, in the case of a session cookie, until the session expires. More details are listed in the following table:

Session-Cookies, bis die Sitzung abgelaufen ist. Details sind in der folgenden Tabelle aufgeführt:

Cookie-NameServerProviderPurposeLegal basisStorage periodType
__cfduid.bootstrapcdn.comCloudFlareThis cookie is used to confirm that the visitor comes from a known computer. In this way, security barriers can be overcome and loading times can be accelerated.  Legitimate interestapprox. 30 daysSecurity
_pk_idwww.mkm-datenschutz.deWebseitenbetreiberThis cookie is used to recognize visitors (for example, if the visitor already has an active session) and to calculate unique visitors.Consentapprox. 13 monthsAnalytics
_pk_seswww.mkm-datenschutz.deWebseitenbetreiberThis cookie is used to calculate the number of visits by assigning an ID to each new visitor and uniquely assigning the visitor.Consentapprox. 31 minutesConfiguration
mkm_cbconsentwww.mkm-datenschutz.deWebseitenbetreiberThis cookie stores their information in view of our cookie banner.Technically necessarySessionCookie banner

Possibility of objection, revocation of consent and deletion.

You can set your browser according to your wishes to prevent the setting of cookies. You can then decide on a case-by-case basis whether to accept cookies or accept them in general. Cookies can be used for various purposes, e.g. to recognize that your access device is already connected to our website (permanent cookies) or to store recently viewed offers (session cookies). If you have expressly given us permission to process your personal data, you can revoke this consent at any time. Please note that the legality of the processing carried out on the basis of the consent until the revocation is not affected.

Data security and data protection, communication by e-mail

Your personal data is protected by technical and organizational measures during collection, storage and processing in such a way that it is not accessible to third parties. In the case of unencrypted communication by e-mail, complete data security on the transmission path to our IT systems cannot be guaranteed by us, which is why we recommend encrypted communication or the postal service for information requiring a high level of confidentiality.

Automatic e-mail archiving

  • Scope of the processing of personal data

We expressly point out that our mail system has an automated archiving procedure. All incoming and outgoing e-mails are digitally archived in an audit-proof manner.

  • Legal basis for the processing of personal data

Art. 6 para. 1 lit. c of the GDPR (legal obligation). We are legally obliged to comply with tax and commercial law requirements (e.g. §§ 146, 147 AO, §§ 238, 257 HGB).

  • Purpose of data processing

The purpose of archiving is to comply with tax law requirements (e.g. §§ 146, 147 AO – obligation to retain e-mails of relevance to tax law) and commercial law requirements (e.g. §§ 238, 257 HGB – obligation to archive business correspondence).

  • Duration of storage

Our mail communication is stored until the expiry of retention obligations under tax and commercial law. The storage period can be up to 10 years.

  • Possibility of objection and deletion

You may object to processing at any time pursuant to Art. 21 GDPR and request deletion of data pursuant to Art. 17 GDPR. You can find out which rights you have and how to assert them in the lower section of this Privacy Policy.

  • Handling of application documents

We would also like to point out that we only consider application documents in PDF file format. Zipped files (WinZip, WinRAR, 7Zip, etc.) are filtered out by our security systems and will not be delivered. We do not consider applications in Word file format and other file formats and delete them unread. Please note that application documents sent by e-mail without encryption may be opened by third parties before they reach our IT systems. We assume that we may also reply to unencrypted application e-mails without encryption. If you do not wish this to happen, please give us a note in your application e-mail.

Use of the e-learning platform

Registration on the e-learning platform

We process the personal data that you provide to us in connection with your registration for use of our e-Learning platform.

  • What personal data is collected and to what extent is it processed?

We process the following personal data from you: First and last name, company, business phone number, business e-mail.

  • Legal basis for the processing of personal data

Your personal data is processed to fulfill the contract concluded with you or by your employer. The legal basis is Article 6(1)(b) of the GDPR.

  • Purpose of the data processing

The processing of your personal data serves the purpose of creating access to the use of our e-learning portal as well as for consulting and contacting you in this regard.

  • Duration of storage

Your personal data will be processed for the first time from the time of collection and deleted after storage is no longer necessary. Otherwise, we restrict processing if there are legal retention obligations. The storage of your personal data through the use of our e-learning portal takes place until the expiry of retention obligations under tax and commercial law. The retention period can be up to 10 years. In the event that you have agreed to further storage of your personal data, we will delete your personal data after the agreed period has expired.

  • Revocation and deletion options

The revocation and deletion options are based on the general regulations on the right of revocation and deletion under data protection law described in this Privacy Policy.

  • Necessity of providing personal data

You provide us with your personal data voluntarily. You should not expect any adverse effects if you do not give your consent or do not provide personal data. However, there are situations in which we cannot act without certain personal data because it is necessary for the implementation of our e-learning platform. In such cases, we unfortunately cannot provide you with the service you require without the relevant personal data.

Visiting the e-learning platform

Each time you access our e-learning platform without logging in, our system automatically collects data and information from the respective retrieving device (e.g. computer, cell phone, tablet, etc.).