Privacy Statement

Thank you for visiting our website.MHK respects the privacy, data protection and data security for those who use our website, which is very important to us. In this privacy statement, MHK would like to inform you about how your personal data is processed regarding our website.

Name and address of the Data Controller

The responsible body within the meaning of the German General Data Protection Regulation (GDPR) and other data protection regulations is:

MHK Marketing Handel Kooperation GmbH & Co.

Verbundgruppen Holding KG

Hans-Strothoff-Platz 1

DE-63303 Dreieich (bei Frankfurt am Main)

Germany

Tel.: +49 (0) 61 03 / 391-0

Fax: +49 (0) 61 03 / 391-119

Email: info@mhk.de

Name and address of the Data Protection Officer

The Data Protection Officer for the Controller is:

Kanzlei Krüger

Edith Krüger, Solicitor

Bahnhofstrasse 44-46

DE-65185 Wiesbaden

Germany

Tel.: +49 (0) 611 23 60 176 0

Email: kanzlei@datenschutz-krueger.de

General information on data processing

Legal basis for processing personal data

We would like to inform you about the basic principles of our data processing, as required by Art. 13 GDPR:

When we request your consent, it is based on Art. 6, para. 1(a) in conjunction with Art. 7 GDPR.
The processing of your data to carry out our services, fulfil our contracts and respond to your enquiries is based on Art. 6, para. 1(b) GDPR.
Processing for the fulfilment of our legal obligations is based on Art. 6, para. 1(c) GDPR.
For processing which is necessary for the performance of a task – devolved to the Controller – which is carried out in the public interest or in the exercise of official authority, the basis is Art. 6, para. 1(e) GDPR.
We occasionally must process data to safeguard the legitimate interests of our company or those of a third party; we only do this when your rights do not take precedence. In such cases, our legal basis is Art. 6, para. 1(f) GDPR.
If the processing of personal data is required to protect the vital interests of the data subject or of another natural person, the legal basis we use is Art. 6, para. 1(d) GDPR.

Data erasure and storage period

We comply with the principles of data minimisation in accordance with Art. 5 para. 1(c) GDPR and storage limitation in accordance with Art. 5 para. 1(e) GDPR. We will therefore only store your personal data for as long as is necessary to achieve the purposes stated here or as intended by the various retention periods provided for by law. After the respective purpose is no longer applicable, the corresponding data will be erased as soon as possible.

Information regarding the transfer of data to third countries

There are tools from companies based in third countries that are integrated into our website. If these tools are active, your personal data may be transferred to the server of the respective company. The levels of data protection in third countries are generally not the same as those afforded under EU data protection law. There is therefore the risk that your data may be disclosed to the authorities in these third countries. We do not have any influence over this processing activity.

External links

This website may contain links to third-party websites or to other websites for which we are responsible. If you follow a link to a website for which we are not responsible, please be aware that this website will have its own privacy statement. We accept no responsibility or liability for these external websites or their privacy policies. Before using these websites, please therefore check whether you agree with the privacy statements set out there.

You can recognise external links because they are either a different colour from the rest of the text or underlined. When your cursor moves over a link, it will show you the external link. Your personal data will only be transferred to the external link destination if you click on the link. The operator of the other website will be able to see your IP address, the time that you clicked on the link and the webpage you clicked on, as well as other information, which you can find listed in the privacy statement of the respective provider.

Please be aware that individual links may result in data being transferred outside of the European Economic Area (EEA). This could lead to authorities in other countries accessing your data. There may be no legal remedies available to you in the event of this type of data access. If you do not wish your personal data to be transferred to the link destination or exposed to access by authorities in other countries without your consent, please do not click on any links.

Rights of the data subject

We would like to inform you of your rights in respect of your personal data. These rights are set out in the GDPR:

Right of access (Art. 15 GDPR): You have the right to know what data we have stored about you, the reason for us retaining it and to whom it is disclosed. For information requests from you that are not in written form, please be aware that we may need to obtain evidence from you to verify that you are the person you are claiming to be.
Right to rectification (Art. 16 GDPR): If any of your data is incorrect, you can request that we correct it.
Right to erasure (Art. 17 GDPR): You can require us to erase your data if there is no longer any valid reason for us to keep it.
Right to restriction of processing (Art. 18 GDPR): Sometimes you may not want us to completely erase your data; you may only want it not to be actively used. If this is the case, you can request that we limit the processing of your data.
Right of objection (Art. 21 GDPR): You have the right to object to your data being used for specific purposes. In the case of direct marketing, you always have the right to refuse.
Right to data portability (Art. 20 GDPR): You have the right to receive your data in a usable format and have it sent to another entity.
Right to lodge a complaint with a supervisory authority: If you think that we have not handled your data correctly, you can lodge a complaint with a supervisory authority. You can make a complaint to a supervisory authority in the EU member state where you are living or working, or in the country where the alleged breach took place.
Right to withdraw consent: If you have consented to us using your data, you can withdraw this consent at any time.

Provision of the website (web host)

Our website is hosted by:

A100 ROW GmbH

Marcel-Breuer-Strasse, 12, DE-80807 Munich

Germany

When you access our website, we automatically collect and store information in server log files. This information is automatically transferred by your browser to our server or to the server of our hosting company.

This information is:

IP address of the end device of the website user/visitor
Device used
Host name of the accessing computer
User’s operating system
Browser type and version
Name of the file accessed
Time of the server request
Data volume
Information on whether the access was successful.

This data is not combined with other data sources.

Instead of operating this website on our own server, we may also arrange for it to be operated on a server belonging to an external provider (a hosting company); if this is the case, we have given their name above. The personal data collected from this website will then be stored on the hosting company’s servers.

In addition to the data specified above, the web host also stores data for us such as contact requests, contact information, names, access data, meta and communication data and other data generated on a website.

The legal basis for the processing of this data is Art. 6, para. 1(f) GDPR. Our legitimate interest is the operation of the website free of technical errors and its optimisation. If the website is accessed for the user to enter contract negotiations with us or conclude a contract, this serves as a further legal basis (Art. 6, para. 1(b) GDPR). If we have engaged a hosting company, there exists a contract regarding order processing with this service provider.

Use of local storage items, session storage items and cookies

Our website uses local storage items, session storage items and/or cookies. In local storage, a mechanism enables the storage of data within the browser on your end device.

This data mainly contains user preferences, such as whether ‘day’ or ‘night’ mode is preferred on the website, and it remains until manually deleted by the user.

Session storage is like local storage, but the storage period is only to the end of the current session, i.e. until the current tab is closed. The session storage items are then deleted from the end device.

Cookies refer to information which a web server (a server providing web content) stores on your end device to be able to identify this device. They are either stored temporarily for the duration of a session (session cookies) and erased at the end of your website visit or stored permanently (permanent/persistent cookies) on your device, until you either delete them or they are automatically deleted by your web browser.

These objects may also be stored on your end device by third-party companies when you visit our website (third-party requests). These enable us, as the website operator, and you, as the visitor, to use certain third-party services which are installed on this website. Some examples are for payment processing services or displaying videos.

These mechanisms have numerous applications. They can improve the website’s functionality, manage shopping basket functions and make the website more secure and easier to use, as well as carrying out analysis of visitor flow and behaviour.

These can be classified under data protection law according to their individual functions. If they are necessary for the operation of the website and intended to provide specific functions (the shopping basket function) or serve to optimise the website (e.g. cookies to measure visitor behaviour), then their use is based on Art. 6, para. 1(f) GDPR. As the website operator, we have a legitimate interest in the storing of local storage items, session storage items and cookies to enable us to provide a service which is optimised and free of technical faults.

In all other cases, local storage items, session storage items and cookies are only stored after you have given your express consent (Art. 6, para.1(a) GDPR).

If local storage items, session storage items or cookies from third-party companies or for the purpose of analysis are used, we will inform you about them separately within this privacy statement. Your consent will be required, and this will be requested; it can be withdrawn at any time.

Use of external services

External services are used on our website. External services are services provided by third-party providers which are utilised on our website. They are used for many different reasons, e.g. embedding videos or maintaining a secure website.

In using these services, personal data is also transferred to the provider of the respective external service. In cases where there exists no legitimate basis for us to use these services, we request your consent as a website user before they are used; this consent can be withdrawn at any time (Art. 6, para.1(a) GDPR).

Analytics

We process the personal data of website users for the analysis of visitor behaviour. By evaluating the data obtained, we can compile information about the use of individual elements of our website. This can be used to make our website more user-friendly. By means of the analytics tools, for example, user profiles can be created for targeted advertising related to the user’s interests, website visitors can be recognised when they next visit our website, their clicking and scrolling behaviour can be analysed, their downloads measured, heat maps created, page retrievals identified, length of visit or bounce rate measured, and where they are from tracked (city/town, country, the website from which the visitor comes). With the help of the analytics tools, we can improve our market research and marketing activities.

Processing is only carried out if you give your consent to this data processing (via the consent banner on the website). The legal basis for this processing is consent (Art. 6, para.1(a) GDPR). If user consent is not given, then the data processing as described above is not carried out. If you withdraw your consent (e.g. via the consent banner or other options provided on this website), we will cease the data processing. The legality of the data processing already carried out remains unaffected by the withdrawal.

Google Analytics

We use the Google Analytics service on our website. The service provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Using the service may result in data transfer to a third country (USA). The provider is certified under the EU-US Data Privacy Framework and therefore offers an appropriate level of data protection.

Further information can be found in the provider’s privacy statement at https://policies.google.com/privacy.

This service uses the following cookies on our website:

Name: _ga

Storage period: 400 days

Type: First-party cookie

Purpose: Contains a randomly generated user ID. Using this ID, Google Analytics can identify returning users on this website and merge the data from previous visits.

Name: _ga_91DRYW3W7N

Storage period: 400 days

Type: First-party cookie

Purpose: Collects data on how often a user has visited a website, as well as data for the first and last visits.

LinkedIn Insight Tag

We use the LinkedIn Insight Tag service on our website. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

Using the service may result in data transfer to a third country (USA). The provider is certified under the EU-US Data Privacy Framework and therefore offers an appropriate level of data protection.

Further information can be found in the provider’s privacy statement at https://www.linkedin.com/legal/privacy-policy.

Consent management

To fulfil data protection requirements, we use a consent management tool on our website. With this, we obtain the required consents for the setting of cookies or the use of external services. The user consents are saved.

The processing is necessary for compliance with a legal obligation to which the Data Controller (the operator of the website) is subject. The legal basis of the processing is therefore Art. 6, para. 1(c) GDPR.

Usercentrics

We use the Usercentrics service on our website. The provider of the service is Usercentrics GmbH, Sendlinger Strasse 7, DE-80331 Munich, Germany.

Further information can be found in the provider’s privacy statement at https://usercentrics.com/de/datenschutzerklaerung .

The service uses cookies on our website and stores data in the local or session storage of the browser:

Name uc_gcm

Storage period Permanent

Type First-party local storage

Purpose: Stored by Usercentrics on the local end device.

Name uc_settings

Storage period Permanent

Type First-party local storage

Purpose: Contains the Usercentrics settings for consent to different data processing processes, as well as the effective date of the consent/refusal.

Name uc_ui_version

Storage period Permanent

Type First-party local storage

Purpose: Saves the version number of the consent banner’s UI which is used in the current domain.

Name uc_user_country

Storage period Session

Type First-party session storage

Purpose: Saves the country and region of the visitor to display the Usercentrics interface in the appropriate language.

Name uc_user_interaction

Storage period Permanent

Type First-party local storage

Purpose: Saves information on whether a preferred data processing option has already been selected.

Content Delivery Network (CDN)

We use a Content Delivery Network (CDN) to optimise the performance and availability of our website. For this, your IP address as well as data on when you have visited our website are processed by the service provider who provides this network. All further information on the data processing carried out by this provider can be found in their privacy statement.

We base this processing on legitimate interest (Art. 6, para. 1(f) GDPR. Our legitimate interest for the use of a Content Delivery Network is to enable us to make our website as fast, secure and reliable as possible.

Amazon CloudFront

We use the Amazon CloudFront service on our website. The provider is Amazon Web Services EMEA S.à r.l., 38 Avenue John F. Kennedy, LU-1855 Luxembourg.

Using the service may result in data transfer to a third country (USA). The provider is certified under the EU-US Data Privacy Framework and therefore offers an appropriate level of data protection.

Further information can be found in the provider’s privacy statement at https://aws.amazon.com/de/privacy/.

CloudFlare

We use the CloudFlare service on our website. The provider of the service is Cloudflare Germany GmbH, Rosental 7, DE-80331 Munich, Germany.

Using the service may result in data transfer to a third country (USA). The provider is certified under the EU-US Data Privacy Framework and therefore offers an appropriate level of data protection. Further information can be found in the provider’s privacy statement at https://www.cloudflare.com/privacypolicy/.

Google APIs CDN

We use the Google APIs CDN service on our website. The service provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Static

We use the Google Static service on our website. The service provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Using the service may result in data transfer to a third country (USA). The provider is certified under the EU-US Data Privacy Framework and therefore offers an appropriate level of data protection. Further information can be found in the provider’s privacy statement at https://policies.google.com/privacy.

Hosting

Hosting refers to the provision of web space and the files on it with a web host. It entails the transfer and storage of personal data on the web host’s servers. IP addresses, user meta and communications data and data on websites accessed are processed. When a user visits a website, a connection to the web host’s servers is created. In the process, the website visitor’s personal data is processed.

We base this processing on legitimate interest (Art. 6, para. 1(f) GDPR. Our legitimate interest is to display our website and make it available online.

Amazon Web Services

We use the Amazon Web Services service on our website. The provider is Amazon Web Services EMEA S.à r.l., 38 Avenue John F. Kennedy, LU-1855, Luxembourg. Using the service may result in data transfer to a third country (USA). The provider is certified under the EU-US Data Privacy Framework and therefore offers an appropriate level of data protection. Further information can be found in the provider’s privacy statement at https://aws.amazon.com/de/privacy/.

Interface software

Business processes are more economical, more error-free and faster to operate when they are automated using interface software. This can be efficiently integrated into the business processes on the website itself or on social media. We use interface software on our website to link different applications together and to transfer personal data securely between applications.

doo

We use the doo service on our website for registrations and events management. The provider of the service is doo GmbH, Hultschiner Strasse 8, DE-81677 Munich, Germany. Further information can be found in the provider’s privacy statement at https://www.doo.net/datenschutz.

Google APIs

We use the Google APIs service on our website. The service provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Using the service may result in data transfer to a third country (USA). The provider is certified under the EU-US Data Privacy Framework and therefore offers an appropriate level of data protection. Further information can be found in the provider’s privacy statement at https://policies.google.com/privacy.

Google Tag Manager

We use the Google Tag Manager service on our website. The service provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Using the service may result in data transfer to a third country (USA). The provider is certified under the EU-US Data Privacy Framework and therefore offers an appropriate level of data protection. Further information can be found in the provider’s privacy statement at https://policies.google.com/privacy.

Social media

We use social media plug-ins to link our website with our social media channels. Integrating the plug-ins aims to make it easier for website users to follow our social media channels, share content, give ‘likes’ or leave comments. Some social media plug-ins make it possible to analyse the user behaviour of visitors to our website with regards to their behaviour on social networks. By using the plug-ins, we aim to increase the visibility of our social media channels and the number of followers.

Personal data is also processed by the plug-ins and the data transferred to these social networks. This transfer commences as soon as the website is accessed. Data, which is processed includes, for example: name, address, email address, telephone number, time of access, device information, IP address.

LinkedIn

We use the LinkedIn service on our website. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. Using the service may result in data transfer to a third country (USA). The provider is certified under the EU-US Data Privacy Framework and therefore offers an appropriate level of data protection. Further information can be found in the provider’s privacy statement at https://www.linkedin.com/legal/privacy-policy.

This service uses the following cookies on our website:

Name AnalyticsSyncHistory

Storage period 30 days

Type Third-party cookie, linkedin.com

Purpose: Used to store information about the time of synchronisation with the lms_analytics cookie.

Name bcookie

Storage period 365 days

Type Third-party cookie, linkedin.com

Purpose: Browser identifier cookie for the unique identification of devices accessing LinkedIn to identify any misuse of the platform.

Name bscookie

Storage period 365 days

Type Third-party cookie, linkedin.com

Purpose: This cookie is used as a reminder that a signed-in user has been verified with two-factor authentication.

Name li_gc

Storage period 180 days

Type Third-party cookie, linkedin.com

Purpose: Saves guests’ consents to the use of cookies for non-essential purposes.

Name li_sugr

Storage period 90 days

Type Third-party cookie, linkedin.com

Purpose: This cookie is used to store browser details.

Name lidc

Storage period 24 days

Type Third-party cookie, linkedin.com

Purpose: To facilitate the selection of data centres

Name UserMatchHistory

Storage period 30 days

Type Third-party cookie, linkedin.com

Purpose: Synchronisation of the LinkedIn Ads ID

Sales platform

Implementation of elements from sales platforms enables product sales on our website or the referring of the user to the website of another provider. This entails the processing of personal data, e.g. name and delivery address.

Processing is only carried out if you give your consent to this data processing (via the consent banner on the website). The legal basis for this processing is consent (Art. 6, para.1(a) GDPR). If user consent is not given, then the data processing as described above is not carried out. If you withdraw your consent (e.g. via the consent banner or other options provided on this website), we will cease this data processing. The legality of the data processing already carried out remains unaffected by the withdrawal.

Google Play

We use the Google Play service on our website. The service provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Using the service may result in data transfer to a third country (USA). The provider is certified under the EU-US Data Privacy Framework and therefore offers an appropriate level of data protection. Further information can be found in the provider’s privacy statement at https://policies.google.com/privacy.

Video/music services

Audios and videos are integrated on our website. These are retrieved from the server of our provider, which is referred to as the audio or video platform. To be able to play an audio or video, your end device opens a link with the audio or video platform and transfers personal data to it. This data includes the IP address, other location data or information about the user’s browser and end device.

YouTube

We use the YouTube service on our website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Using the service may result in data transfer to a third country (USA). The provider is certified under the EU-US Data Privacy Framework and therefore offers an appropriate level of data protection. Further information can be found in the provider’s privacy statement at https://policies.google.com/privacy.

The service uses cookies on our website and stores data in the local or session storage of the browser:

Name -3dfea69f-28589505

Storage period Session

Type Third-party session storage, www.youtube.com

Purpose Stored by YouTube on the local end device.

Name -63c98722-28589505

Storage period Session

Type Third-party session storage, www.youtube.com

Purpose Stored by YouTube on the local end device.

Name -f6748213869fdb0

Storage period Session

Type Third-party session storage, www.youtube.com

Purpose Stored by YouTube on the local end device.

Name 18aed84e-456c8568[5]

Storage period Session

Type Third-party session storage, www.youtube.com

Purpose Stored by YouTube on the local end device.

Name 3d8c2b706141c397

Storage period Session

Type Third-party session storage, www.youtube.com

Purpose Stored by YouTube on the local end device.

Name iU5q-! O9@$

Storage period Session

Type Third-party session storage, www.youtube.com

Purpose Stored by YouTube on the local end device.

Name VISITOR_INFO1_LIVE

Storage period 180 days

Type Third-party cookie, www.youtube.com

Purpose Used to provide bandwidth estimates.

Name VISITOR_PRIVACY_METADATA

Storage period 180 days

Type Third-party cookie, www.youtube.com

Purpose This cookie stores the user’s cookie-consent status for the current domain

Name YSC

Storage period Session

Type Third-party cookie, www.youtube.com

Purpose Registers the unique ID to collect statistics about which YouTube videos the user has watched.

Name yt-remote-cast-installed

Storage period Session

Type Third-party session storage, www.youtube.com

Purpose Used by YouTube to enable tracking based on the geographical GPS location, estimate bandwidth, collect statistics and monitor user preferences when watching an embedded YouTube video. These cookies do not collect information by which users can be identified.

Name yt-remote-connected-devices

Storage period Permanent

Type Third-party local storage, www.youtube.com

Purpose This HTML storage key is used to control the behaviour of the integrated YouTube video player.

Name yt-remote-device-id

Storage period Permanent

Type Third-party local storage, www.youtube.com

Purpose Stores the user settings when a YouTube video integrated on another site is retrieved.

Name yt-remote-fast-check-period

Storage period Session

Type Third-party session storage, www.youtube.com

Purpose Used to regulate the behaviour of the integrated YouTube video player.

Name yt-remote-session-app

Storage period Session

Type Third-party session storage, www.youtube.com

Purpose This HTML storage key is used to control the behaviour of the integrated YouTube video player.

Name yt-remote-session-name

Storage period Session

Type Third-party session storage, www.youtube.com

Purpose Stores the user preferences for the YouTube video embedded in the video player.

Name ytidb::LAST_RESULT_ENTRY_KEY

Storage period Permanent

Type Third-party local storage, www.youtube.com

Purpose Stores the user preferences for the video player, which uses an embedded YouTube video.

Webfonts

This website uses ‘webfonts’ to give uniform fonts throughout; these are provided by an external provider and loaded by the browser when the website is retrieved. In the process, the webfonts provider is informed that our website has been retrieved from your IP address, as your browser generates a direct link to the webfonts provider.

Google Fonts

We use the Google Fonts service on our website. The service provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Using the service may result in data transfer to a third country (USA). The provider is certified under the EU-US Data Privacy Framework and therefore offers an appropriate level of data protection. Further information can be found in the provider’s privacy statement at https://policies.google.com/privacy.

MyFonts

We use the MyFonts service on our website. The provider of this service is Monotype Imaging Holdings Inc., 600 Unicorn Park Drive, Woburn, Massachusetts 01801, USA. Using the service may result in data transfer to a third country (USA).

Further information can be found in the provider’s privacy statement at https://www.monotype.com/de/rechtshinweise/datenschutzrichtlinie.

Advertising

On our website, there are tools which facilitate or enable advertising and evaluate the success of the advertisements. For this, personal data is processed, the IP address, access time and information about the device.

Processing is only carried out if you give your consent to this data processing (via the consent banner on the website). The legal basis for this processing is consent (Art. 6, para.1(a) GDPR). If user consent is not given, then the data processing as described above is not carried out. If you withdraw your consent (e.g. via the consent banner or other options provided on this website), we will cease this data processing. The legality of the data processing already carried out remains unaffected by this.

Google Ads

We use the Google Ads service on our website. The service provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Using the service may result in data transfer to a third country (USA). The provider is certified under the EU-US Data Privacy Framework and therefore offers an appropriate level of data protection. Further information can be found in the provider’s privacy statement at https://policies.google.com/privacy.

Google Double Click

We use the Google Double Click service on our website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Using the service may result in data transfer to a third country (USA). The provider is certified under the EU-US Data Privacy Framework and therefore offers an appropriate level of data protection. Further information can be found in the provider’s privacy statement at https://policies.google.com/privacy.

LinkedIn Ads

We use the LinkedIn Ads service on our website. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. Using the service may result in data transfer to a third country (USA). The provider is certified under the EU-US Data Privacy Framework and therefore offers an appropriate level of data protection. Further information can be found in the provider’s privacy statement at https://www.linkedin.com/legal/privacy-policy.

Event management

We send out the invitations to upcoming events by email or post to our MHK association members and our affiliated industry partners. The invitations to our events are sent to our contact person in the company, using the contact details supplied, and also similarly to those who have previously participated in our events.

The invitation includes the option to register for the event using a ‘registration button’ or a QR code.

As part of the registration process for participating in the event, we process the data provided by you and collected within the framework of participation in the event to complete your registration and facilitate your participation in the event. This also applies to any other persons you register for the event.

This data processing is based on Art. 6, para. 1(b) GDPR, for the implementation of pre-contractual measures and for the fulfilment of the contract for executing the event.

doo for registration and event management

We use the doo service on our website for registrations and event management. The provider of the service is doo GmbH, Hultschiner Strasse 8, DE-81677 Munich, Germany. Further information can be found in the provider’s privacy statement at https://www.doo.net/datenschutz.

Payment processing

We handle payments only in the circumstances set out in the Booking Conditions. The Booking Conditions can be found here.

In the cases specified there, your data will be further processed so that we can invoice you using our accounting software.

Photographs/video recording during the event

To give our customers, business partners and others a favourable impression of us and what we do, we would like to take photographs and carry out video and audio recordings at the event and store and publish them. We would like to give you more information about this processing:

What data about you will be processed? And for what purpose?

We would like to publish selected photographs and video recordings of the event, if applicable, as well as your name and which company you are with, on our website (https://events.mhk.de/), on social networks (YouTube, LinkedIn etc.) and in other film and online media* for publicity purposes and informational coverage of the event for interested parties. We also aim to use and publish these as part of our press and publicity activities and for subsequent publication on the company’s timelines and/or in brochures/flyers (printed or electronic).

What is the legal basis for this?

The processing of photographs and video and audio recordings (collection, storage and disclosure to third parties) is carried out based on your express consent in accordance with Art. 6, para. 1a GDPR.

How long will my data be retained?

We store and process your photographs, video and audio recordings and information until you withdraw your consent.

To which recipients will the data be disclosed?

The photographs and recordings may be passed to employees in our marketing and press departments, who will retain and process the photographs as necessary as part of their work activities.

Image data about you and information about you (in particular, your name) will, in the event of publication, be disclosed to the service providers involved, for example, on social networks (as specified above) and in film and online media. For possible subsequent publication in the company’s timelines and brochures, it may be disclosed to service providers such as report writers, publishers and other businesses.

Please be aware that when data is uploaded to the internet, for example onto our website, it can also be accessed by search engines. You should therefore be aware that your name, as well as photographs and video and audio recordings may also be found by search engines. After publication on the internet, the images and recordings of you, and your data, can be retrieved from anywhere in the world. We therefore cannot rule out the use of these by third parties.

Right to withdraw consent

Consent to the processing of photographs, videos and audio recordings can be withdrawn at any time with future effect by emailing us at events@mhk.de. This does not affect the legality of the processing that was carried out based on your consent up until its withdrawal.

Privacy statement on contact with MHK Event Management

Contact via email to support@mobile-event-app.com or events@mhk.de.

If you send us an enquiry by email, the data included in the email for us to deal with the enquiry will be stored, also in the event of follow-up questions. This data will not be disclosed without your consent.

If your enquiry relates to the fulfilment of a contract or is required for the implementation of pre-contractual measures, the processing of this data is based on Art. 6, para. 1(b) GDPR. In all other cases, the processing is based on our legitimate interest in the efficient processing of the enquiry (Art. 6, para. 1(f) GDPR) or on your consent (Art. 6, para. 1(a) GDPR), if this was requested; consent can be withdrawn at any time.

We will retain the data you provide via email or telephone for 6 months unless you request us to erase it, withdraw your consent for its storage or if the purpose for storing the data no longer applies (e.g. after we have completed processing your enquiry). If it leads to a contractual relationship or the data is required for billing purposes, we are subject to the retention periods under law of up to 10 years and will erase your data after this time.

Please check this period; compliance with it is mandatory if, after the query is resolved, no further data processing, e.g. for contractual or billing purposes, is required.

Objecting to advertising emails

It is hereby expressly prohibited to use the contact details published in the context of the obligation to provide a legal notice under German law for the sending of unsolicited advertisements and information materials.

The operators of the website expressly reserve the right to take legal action in the case of unsolicited advertising such as spam emails.

Annual General Meetings of the MHK Group

Here, we would like to inform you about the processing of personal data in accordance with Art. 13/14 GDPR regarding the preparations for and conduct of the annual general meetings and the follow-up activities.

What data about you will be processed? And for what purpose?

The company processes the following personal data: the data processed by MHK includes surname, first name, form of address and title, address and email address, as well as other contact information of the participant and their representatives, if applicable. For guests and press representatives, first name, surname, title and address, as well as email address and registration information where necessary.

In connection with the annual general meeting, we are compelled to comply with various legal requirements which necessitate the processing of personal data.

How long will my data be retained?

Data collected in connection with the annual general meetings is generally retained for up to three years, unless any special legal requirements stipulate otherwise. If commercial or tax retention obligations apply, the data must generally be kept for up to ten years. Furthermore, in exceptional cases, we retain personal data where we are required to do so in connection with claims against the company (statutory limitation period of up to thirty years).

To which recipients will the data be disclosed?

External service providers and consultants: The company engages various service providers for the annual general meeting, such as service providers to conduct the annual general meeting, as well as service providers and consultants. These service providers are only given the personal data they require for providing their services. They have obligations under order processing agreements in accordance with Art. 28 GDPR and carry out data processing only according to our instructions.

Authorities and other recipients: We may also be obliged to provide your personal data to other recipients, such as public authorities, to comply with our duty of disclosure under law.

Where is the data processed?

The personal data is generally processed in countries within the European Union (EU) or the European Economic Area (EEA).

* We will supply the names of the media on request.

Status and amendment of this Privacy Statement

This Privacy Statement is current as of 11.09.2024.

As our website and the services, we offer on this website develop, or changes in statutory or regulatory requirements come into effect, it may become necessary to amend this Privacy Statement.

Contact:

events@mhk.de

Social Media:

to Linkedin

Language:

Imprint Data privacy Booking & Attendance Conditions