Privacy Policy
I. Name and address of the controller
For the purposes of the General Data Protection Regulation, other national data protection laws of the member states, and other data protection regulations, the controller is:
MACK FOUNDATION
incorporated foundation under civil law
Ueddinger Str. 232
D-41066 Mönchengladbach
Tel.: +49 2161 990504-0
Email: info@mackfoundation.com
Web: https://mackfoundation.com
II. Name and address of the data protection officer
Since we employ fewer than 20 people to continually process personal data automatically, we are not required to appoint a data protection officer.
III. General information on data processing
- Scope of the processing of personal data
In principle, we process our users’ personal data only to the extent necessary to provide a functional website as well as our content and services. Our users’ personal data are normally processed only with the consent of the user in question. The only exception to this is cases where it is impossible for us to obtain prior consent for factual reasons and the processing of the data in question is permitted under statutory provisions.
- Legal bases for processing personal data
Processing personal data based on the data subject’s consent is legally based on Art. 6(1)(a) GDPR.
Processing personal data to perform a contract to which the data subject is party is legally based on Art. 6(1)(b) GDPR. This also applies to processing operations that are necessary to perform pre-contractual measures.
Processing personal data to comply with one of our company’s legal obligations is legally based on Art. 6(1)(c) GDPR.
Processing personal data because of the vital interests of the data subject or another individual is legally based on Art. 6(1)(d) GDPR.
Processing personal data to protect a legitimate interest of our company or a third party that is not overridden by the data subject’s interests, basic rights, and fundamental freedoms is legally based on Art. 6(1)(f) GDPR.
- Data erasure and storage duration
The data subject’s personal data will be erased or blocked as soon as the purpose for which the data were originally stored no longer applies. The data may be stored beyond this point if European or national legislators have provided for this in regulations under Union law, statutes, or other regulations to which the controller is subject. The data will also be blocked or erased if a retention period prescribed by the aforementioned standards expires, unless continued storage is necessary for us to enter into or perform a contract.
IV. Providing the website and creating log files
- Description and scope of the data processing
Each time our website is accessed, our system automatically records data and information from the system of the accessing computer.
The following data are collected as part of that process:
(1). Information on the browser type and the version used
(2). The user’s operating system
(3). The user’s internet service provider
(4). The first four octets of the user’s IP address
(5). Date and time of access
(6). Websites from which the user’s system arrived at our website
(7). Websites that were accessed from the user’s system via our website
The data are also stored in our system’s log files. Those data are not stored together with any of the user’s other personal data.
- Legal basis for the data processing
Temporary storage of the data and log files is legally based on Art. 6(1)(f) GDPR.
- Purpose of the data processing
The system must store the IP address temporarily so the website can be delivered to the user’s computer. To that end, the user’s IP address must remain stored during the session.
The storage in log files is done to ensure the website’s functionality. In addition, we use the data to technically optimise the website and ensure the security of our IT systems. The data are not evaluated for marketing purposes in this context.
These purposes also entail our legitimate interest in the data processing pursuant to Art. 6(1)(f) GDPR.
- Duration of storage
The data will be erased as soon as they are no longer required to achieve the purpose of their collection. If the data were collected to provide the website, they will be erased when the session in question has ended.
If the data are stored in log files, they will be erased after seven days at the latest. Storage beyond that point is impossible. In this case, the user’s IP address will be deleted or anonymised to preclude any allocation to the accessing client.
- Option for objection and removal
For the website to operate, the data must be collected to provide the website and stored in log files. Consequently, the user cannot object to this.
V. Use of cookies
- Description and scope of the data processing
Our website uses cookies. Cookies are text files stored on the internet browser of the user’s computer system by the websites they visit. If a user accesses a website, a cookie can be stored on the user’s operating system. That cookie contains a characteristic string that allows the browser to be uniquely identified if the website is reopened.
- We use cookies to design our website to be functional. Some areas of our website need to identify the accessing browser when it travels from one webpage to another.
To that end, the following data are stored and transmitted in the cookies:
(1). Language settings
Our website also uses cookies that enable an analysis of the user’s surfing behaviour.
In this way, the following data can be transmitted:
(1). Frequency of page views
(2). Use of website functions
When our website is accessed, the user is informed about the use of cookies for analysis purposes, their consent to the processing of the personal data used in this context is obtained, and the data privacy statement is referred to.
- Legal basis for the data processing
Processing personal data by using technically necessary cookies for the purposes of § 25(2) of the Telecommunications Telemedia Data Protection Act (Telekommunikation-Digitale-Dienste-Datenschutz-Gesetz, TTDSG) is legally based on Art. 6(1)(f) GDPR.
Processing personal data by using cookies for analysis purposes with the user’s consent is legally based on Art. 6(1)(a) GDPR.
Otherwise, processing personal data by using technically necessary cookies is legally based on Art. 6(1)(f) GDPR.
- Purpose of the data processing
The purpose of using technically necessary cookies is to enable the user to use the website. Some of our website’s functions cannot be offered without the use of cookies. For those functions to work, your browser must be recognized after it has left our site and returned.
The user data collected by means of technically necessary cookies is not used to create user profiles.
Analysis cookies are used to improve the quality of our website and its content. Through the analysis cookies, we learn how the website is used and can constantly optimise our services.
These purposes also entail our legitimate interest in the subsequent processing of personal data in accordance with Art. 6(1)(f) GDPR.
- Duration of storage, option for objection and removal
Cookies will be stored on the user’s computer and transmitted to our site from there. This means that, as a user, you also have full control over the use of cookies. By changing your browser settings, you can deactivate or restrict the storage of cookies. Once stored, a cookie can be deleted at any time. This can also be done automatically. Deactivating cookies for our website might render some of its functions unusable.
The following tools can be used on our website:
(1). Matomo (aepfel + birnen It GmbH)
(2). Newsletter tracking (rapidmail)
(3). Contact form
VI. Rights of the data subject
If your personal data are processed, you are a data subject within the meaning of the GDPR and you have the following rights toward the controller:
Under the statutory requirements (and each case must be checked individually to make sure those requirements are met), you may obtain information about your personal data, request that your personal data be corrected or erased or its processing restricted, and receive your personal data in a structured, commonly used, machine-readable format (data portability).
Under the statutory requirements (and each case must be checked individually to make sure those requirements are met), you may also lodge an objection against the processing of your personal data.
You may also lodge a complaint with a supervisory authority regarding the processing of your personal data. For more information, contact your local data protection authority.