Deutsche VersionPrivacy Statement
MRC Systems GmbH takes the protection of your data very seriously and operates the website in accordance with the effective laws. Hereinafter we inform you on the nature and extent of the processing of your personal data.
1. Name and address of the controller
The controller for the purpose of the European General Data Protection Regulation (GDPR) and other national laws of the member states of the European Union as well as other data protection regulations is
MRC Systems GmbH
Hans-Bunte-Str. 10
69123 Heidelberg, Germany
Phone: +49-6221-13803-00
E-Mail: info@mrc-systems.de
Website:
www.mrc-systems.de
The responsible person for data protection is Dr. Marcus Goetz
Phone: +49-6221-13803-13
E-Mail: datenschutzbeauftragter@mrc-systems.de
2. General information on data processing
2.1. Extent of processing of personal data
We principally process personal data of our users only so far as it is necessary to make available an operational website and our contents and services. The processing of personal data of our users regularly takes place only after the consent of the user. One exception hereto applies in such cases, where the obtaining of the prior consent is not possible due to practical reasons and the processing of the data is permitted according to legal provisions.
2.2. Legal basis for the processing of personal data
As far as we are obtaining the consent of the data subject for the processing, article 6 section 1 lit. a GDPR provides the legal basis.
In case of a processing of personal data which are needed to fulfil a contract article 6 section 1 lit. b GDPR provides the legal basis. This also applies for processing which is needed for pre-contractual measures.
To fulfil our contractual obligations we forward order data to third parties (e.g. shipping providers). and let them use the data for that purpose. Furthermore, we process data to fulfil our fiscal and commercial provisions.
As far as it is necessary to process personal data to fulfil legal provisions article 6 section 1 lit. c GDPR provides the legal basis.
In case vital interests of the data subject or another natural person require the processing of personal data article 6 section 1 lit. d GDPR provides the legal basis.
If the processing is needed to protect the legitimate business interests of our company or third parties and if the interests, fundamental rights, and fundamental freedoms of the data subject do not predominate, article 6 section 1 lit. f GDPR provides the legal basis.
2.3. Data erasure and storage time
Personal data of data subjects are erased or blocked as soon as the purpose of the storage ceases to exist. The data can be further stored, if this is intended by European or national provisions. The blocking or erasure takes also place when such a prescribed storage period expires unless the storage is further necessary to fulfil contractual provisions.
3. Provision of websites and creation of logfiles
3.1. Nature and extent of data processing
With each call of our websites our system automatically collects data and information of the computer system of the calling device. Hereby the following data are collected:
Information on the browser type and the used version
The operation system of the user
The IP address of the user
Date and time of the access
The data are also stored in logfiles of our system. A storage of these data together with other personal data does not take place.
3.2. Legal basis of the data processing
The legal basis for the temporary storage of data and logfiles is article 6 section 1 lit. f GDPR.
3.3. Purpose of data processing
The temporary storage of the IP address in the system is necessary to enable the transfer of the website to the user. For this purpose the IP address of the user must be stored for the duration of the session.
The storage of logfiles takes place to guarantee the functionality of our website. In addition, the data serve to optimize the website and to ensure the security of our IT systems. An analysis of these data for marketing purposes does not take place in this context.
Our legitimate interest in these purposes follows article 6 section 1 lit. f GDPR.
3.4. Storage period
The data will be erased as soon as they are no more needed to fulfil the purpose of their collection. If the data are collected to provide the website, they are erased when then session is finished.
If the data are stored in logfiles this will take place not later than after 2 months. Further storage of the data is possible. In this case the IP addresses of the users are erased or alienated so that it is not possible to match them with the calling client.
3.5. Possibility to object and to erase
The collection of data to provide the website and to store the data in logfiles is obligatory needed to operate the website. There is no possibility to object for the user.
4. Contact form, order form, and e-mail contact
4.1. Nature and extent of data processing
Our website contains a contact form which can be used for electronic contacting. If a user make us of this option, the inserted data will be transferred to us and stored.
At the time of sending the message the IP address of the user as well as date and time of contacting are also stored.
Before the data are transferred you are asked to give your consent for the processing and you are referred to the privacy statement.
As an alternative you can contact us with an e-mail to the e-mail address shown on the website. In this case the user's personal data transferred with the e-mail are stored.
On our website it is further possible to send an order. If a user makes use of this option, the inserted data will be transferred to us and stored.
In this context, no data are transferred to third parties. The data are exclusively used to process the conversation.
4.2. Legal basis for the data processing
The legal basis for the processing of data in case of presence of a user's content is article 6 section 1 lit. a GDPR.
The legal basis for the processing of data in the course of sending an e-mail is article 6 section 1 lit. f GDPR. In case the e-mail contact is intended to enter into a contract, article 6 section 1 lit. b GDPR serves as the additional legal basis.
As far as the data processing is needed to enter into the contract, article 6 section 1 lit. b GDPR serves as the legal basis.
4.3. Purpose of data processing
The processing from personal data inserted in the forms only serves for the handling of the contact. In case of a contacting with e-mail it reflects our legitimate interest to process the data.
The other personal data, which are collected during the contacting, help us to avoid misuse of the contact form and to secure our IT devices.
4.4. Storage period
The data will be erased as soon as they are no more needed to fulfil the purpose of their collection. For the personal data inserted into the forms and for the data transferred with e-mail this is the case, when the conversation with the user is finished. The conversation is finished as soon as the circumstances let derive that the concerning matter is finally clarified.
If the contact with the user leads to a contractual relationship, the data will be stored in accordance with fiscal and commercial provisions.
The personal data collected during the sending will be erased not later than after two months.
4.5. Possibility to object and to erase
The user can object his consent to the processing of his personal data at any time. If the user contacts us with e-mail he can object the storage of his personal data at any time. In such a case, we can not continue the conversation.
The objection can be filed via e-mail or mail to the controller.
In such a case, all personal data, which have been stored during the contacting, will be erased.
5. Rights of the data subject
If we process your personal data, you are the data subject in accordance with the GDPR and you have the following rights against the controller:
5.1. Right of access by the data subject
You have the right to obtain from the controller the information on the purpose of the data processing, the categories of data concerned, the recipients or categories of recipients to whom the personal data have been or will be disclosed, the envisaged period for which the data will be stored, and the source of the data where they are not collected from the data subject.
5.2. Right to rectification
You have the right to obtain from the controller the rectification and/or completion of inaccurate personal data if your personal data are incorrect or incomplete.
5.3. Right to restriction of processing
You have the right to obtain from the controller the restriction of processing where one of the following applies:
the accuracy of the personal data is contested by you, for a period enabling the controller to verify the accuracy of the personal data;
the processing is unlawful and you oppose the erasure of the personal data and requests the restriction of their use instead;
the controller no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims;
you have objected to processing pursuant to article 21 section 1 GDPR pending the verification whether the legitimate grounds of the controller override those of you.
Where processing has been restricted, such personal data will be, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.
You will be informed by the controller before the restriction of processing is lifted.
5.4. Right to erasure
You have the right to obtain from the controller the erasure of your personal data.
5.5. Right to be notified
The controller will communicate any rectification or erasure of personal data or restriction of processing carried out to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. The controller will inform you about those recipients if you request it.
5.6. Right to data portability
You have the right to receive the personal data concerning you, which you have provided to the controller, in a structured, commonly used and machine-readable format. In addition, you have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided.
5.7. Right to object
You have the right to retract at any time your consent to the processing of your personal data. The retraction of the consent does not tangent the lawfulness of the processing which was carried out on the basis of the consent which existed until the retraction.
The controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
5.8. Right to file a complaint to the supervisory authority
You have the right to file a complaint to the supervisory authority, especially in that Member State of your habitation, your workplace or the place of the subjective conflict if you consider that the processing of your personal data is in conflict with the GDPR.