The protection of your privacy is very important to us. When processing personal data, we comply with the requirements of the EU GDPR as well as nationally applicable regulations and laws.
1. Name and address of the responsible body
Dr. Dzo Mikulovic
Mr. Florian Ehmeier
Mr. Milomir Mikulovic
MESA Electronic GmbH
Johann-Flitsch-Strasse 2
83075 Bad Feilnbach
+49 (0) 8064 – 90630-0
+49 (0) 8064 – 90630-90
info@mesa-international.de
www.mesa-international.de
2. Name and address of the data protection officer
Mr. Dominik Mikulovic
DATA Security GmbH
Bodenseestr. 12
83059 Kolbenmoor
+49 8031 4696 931
info@data-security.one
www.data-security.one
3. Scope of processing of personal data
We only process personal data of the data subjects insofar as this is necessary for the provision of this website and services as a company. We process personal data with the consent of the person concerned or on the basis of legal regulations that allow us to process them.
We process the following data for customers, suppliers or interested parties: address data, contact data, group, interest, sales data, offer data, creditworthiness data, payment data, log data, data from audits, performance data, invoice data, protocols.
For employees of a customer, supplier, partner, we process the following data: address data, contact data, the function and role as contact person for the respective order / business transaction.
4. Legal basis for processing personal data
Art. 6 para. 1 lit. b of the EU GDPR is our legal basis for processing personal data. This is necessary so that we can fulfill the contracts with the person concerned. This also applies to processing operations that are necessary to implement measures in the course of initiating a contract.
In the event that the vital interests of the data subject require the processing of personal data, we use Art. 6 Para. 1 lit. d EU GDPR as the legal basis for processing.
If we are safeguarding the interests of our company with the processing or safeguarding the interests of a third party, we use Art. 6 Para. 1 lit. f EU GDPR as the legal basis for processing.
5. Data deletion and storage duration
The personal data of the person concerned will be deleted or blocked as soon as the purpose of storage no longer applies. The data will also be blocked or deleted if a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data in order to conclude or fulfill a contract.
6. Recipients of personal data (EU and third countries)
MESA Electronic GmbH employees have access to the data required to process the above-mentioned purposes.
MESA Electronic GmbH works with selected service providers. These service providers can also receive data for the above-mentioned purposes. The categories of services are: IT services, software providers, software developers, telecommunications, logistics, marketing, banking and insurance. MESA Electronic GmbH has concluded corresponding contracts and agreements with these service providers in accordance with the GDPR.
In some cases IT service providers from a third country (e.g. USA) can also be commissioned. Cooperation with service providers outside the EU only takes place if the EU Commission has confirmed an adequate level of data protection in the country in which the service provider is based, or if other mandatory data protection guarantees (e.g. binding internal data protection regulations or EU standard contractual clauses) are in place are or have been completed.
7. Website and log files
Each time you visit our website, our system automatically collects data and information from the computer system of the calling computer.
They are:
a. Information about the browser type / version
b. The user’s operating system
c. The user’s internet provider
d. The IP address of the user
e. Date and time of access
f. Website from which the user’s system accessed our website
g. Website that is accessed by the user’s system via our website
8. Legal basis for the processing of the data point 7
The legal basis for the temporary storage of the data and the log files is Art. 6 Para. 1 lit. f GDPR.
9. Purpose for processing the data, point 7
The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user’s computer. For this, the user’s IP address must be stored for the duration of the session.
10. Duration of data storage, point 7
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected.
11. Use of Google Analytics
This website uses functions of the web analysis service Google Analytics. The provider is Google Inc., 1600 Amphitheater Parkway Mountain View, CA 94043, USA. Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and that enable your use of the website to be analyzed. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. You can find more information about the handling of user data by Google Analytics in Google’s data protection declaration: https://support.google.com/analytics/answer/6004245?hl=de Browser plug-in You can save cookies by setting your browser accordingly – prevent software; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading the browser plug-in available under the following link and install: https://tools.google.com/dlpage/gaoptout?hl=de Objection to data collection You can prevent Google Analytics from collecting your data by clicking on the following link. An opt-out cookie is set that prevents your data from being recorded on future visits to this website: Deactivate Google Analytics Order data processing We have concluded an order data processing contract with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics. IP anonymization We use the “Activation of IP anonymization” function on this website. As a result, however, your IP address will be shortened beforehand by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. The full IP address is only transmitted to a Google server in the USA and shortened there in exceptional cases. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
12. Use of Google Maps
On this page, Google Maps is provided by Google Inc. By using this website, you consent to the collection, processing and use of the automatically collected data by Google Inc., their representatives and third parties. You can find the terms of use of Google Maps at http://www.google.com/intl/de_de/help/terms_maps.html
13. Opposition and removal option
The collection of the data for the provision of the website and the storage of the data in log files is essential for the operation of the website. There is consequently no possibility of objection on the part of the user.
14. Use of cookies
a) Description and scope of data processing
Our website uses cookies. Cookies are text files that are stored in the internet browser or by the internet browser on the user’s computer system. When a user calls up a website, a cookie can be stored on the user’s operating system. This cookie contains a characteristic string of characters that enables the browser to be clearly identified when the website is accessed again.
b) Legal basis for data processing
The legal basis for processing personal data using cookies is Art. 6 Para. 1 lit. f GDPR.
c) Purpose of data processing
The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For this it is necessary that the browser is recognized even after changing pages.
d) Duration of storage, possibility of objection and removal
Cookies are stored on the user’s computer and transmitted to our website from there. As a user, you therefore have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it is possible that not all functions of the website can be used in full.
15. Newsletter
It is possible to subscribe to a free newsletter. When registering for the newsletter, the data of the person concerned is transmitted to us.
If you purchase goods or services from us and provide your email address, we can use it to send you a newsletter. In such a case, only direct advertising for our own similar goods or services will be sent via the newsletter.
In connection with data processing for sending newsletters, the data is not passed on to third parties. The data will only be used to send the newsletter.
The legal basis for the processing of the data after the user has registered for the newsletter is Article 6 (1) lit. a GDPR.
The legal basis for sending the newsletter as a result of the sale of goods or services is Section 7 (3) UWG.
The collection of the user’s email address is used to deliver the newsletter.
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. The user’s email address is therefore stored as long as the subscription to the newsletter is active.
The user concerned can cancel the subscription to the newsletter at any time. There is a corresponding link in every newsletter for this purpose.
16. Registration
On our website we offer users the opportunity to register by providing personal data. The data is entered in an input mask and transmitted to us and stored. A transfer of data to third parties does not take place. The following data is collected as part of the registration process:
At the time of registration, the following data is also stored:
The IP address of the user
Date and time of registration
As part of the registration process, the user’s consent to processing is the
legal basis for the processing of the data is given a consent of the user Art. 6 Abs. 1 lit. a GDPR.
A registration of the user is necessary for the availability of certain content and services on our website.
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected.
As a user, you can cancel your registration at any time. You can have the data stored about you changed at any time.
17. Contact form and email contact
A contact form is available on our website that can be used to contact us electronically. If a user makes use of this option, the data entered in the input mask will be transmitted to us and saved.
These data are:
At the time the message is sent, the following data is also stored:
The user’s IP address
Date and time of registration
In this context, the data is not passed on to third parties. The data will only be used to process the conversation.
The legal basis for processing the data is Art. 6 Para. 1 lit. a GDPR.
The legal basis for the processing of the data that is transmitted in the course of sending an email is Art. 6 Para. 1 lit. f GDPR. If the aim of the email contact is to conclude a contract, the additional legal basis for processing is Art. 6 Para. 1 lit. b GDPR.
We only process the personal data from the input mask to process the contact. If you contact us by e-mail, there is also the necessary legitimate interest in processing the data.
The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those that were sent by email, this is the case when the respective conversation with the user has ended. The conversation is over when it can be inferred from the circumstances that the matter in question has been finally clarified.
The user has the option of revoking his consent to the processing of personal data at any time. If the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.
18. Rights of the data subject
a. Right to information
You can request confirmation from the person responsible as to whether we are processing personal data concerning you.
If such processing has taken place, you can request the following information from the person responsible:
(1) the purposes for which the personal data are processed;
(2) the categories of personal data that are processed;
(3) the recipients or the categories of recipients to whom the personal data relating to you have been disclosed or are still being disclosed;
(4) the planned duration of the storage of your personal data or, if specific information is not available, criteria for determining the storage duration;
(5) the existence of a right to correction or deletion of your personal data, a right to restrict processing by the person responsible or a right to object to this processing;
(6) the right to lodge a complaint with a supervisory authority;
(7) all available information on the origin of the data if the personal data are not collected from the data subject;
(8) The existence of automated decision-making including profiling in accordance with Art. 22 Paragraphs 1 and 4 GDPR and – at least in these cases – meaningful information about the logic involved and the scope and intended effects of such processing for the data subject.
You have the right to request information about whether the personal data relating to you is being transmitted to a third country or to an international organization. In this context, you can request to be informed about the appropriate guarantees in accordance with. Art. 46 GDPR to be informed in connection with the transfer.
b. Right to rectification
You have a right to correction and / or completion vis-à-vis the person responsible if the processed personal data concerning you is incorrect or incomplete. The person responsible must make the correction immediately.
c. Right to restriction of processing
You can request restriction of processing of the personal data concerning you under the following conditions:
(1) If you dispute the correctness of the personal data concerning you for a period that enables the person responsible to verify the correctness of the personal data check;
(2) the processing is unlawful and you refuse to delete the personal data and instead request that the use of the personal data be restricted;
(3) the person responsible no longer needs the personal data for the purposes of processing, but you need them to assert, exercise or defend legal claims, or
(4) if you have objected to the processing in accordance with Art. 21 (1) GDPR and it has not yet been determined whether the legitimate reasons of the person responsible outweigh your reasons.
If the processing of your personal data has been restricted, this data – apart from its storage – may only be used with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or for reasons of important public interest processed by the Union or a Member State.
If the processing restriction has been restricted according to the above conditions, you will be informed by the person responsible before the restriction is lifted.
d. Right to deletion
a) Obligation to delete
You can request the person responsible to delete the personal data concerning you immediately, and the person responsible is obliged to delete this data immediately if one of the following reasons applies:
(1) The personal data concerning you are for the purposes which they were collected or otherwise processed are no longer necessary.
(2) You revoke your consent on which the processing was based in accordance with. Art. 6 para. 1 lit. a or Art. 9 Para. 2 lit. a GDPR, and there is no other legal basis for the processing.
(3) According to 21 para. 1 GDPR objection to the processing and there are no overriding legitimate reasons for the processing, or you object acc. Art. 21 para. 2 GDPR objection to the processing.
(4) The personal data concerning you have been processed unlawfully.
(5) The deletion of your personal data is necessary to fulfill a legal obligation under Union law or the law of the member states to which the person responsible is subject.
(6) The personal data relating to you were collected in relation to the information society services offered in accordance with Art. 8 Paragraph 1 GDPR.
b) Information to third parties
If the person responsible has made the personal data concerning you public and is acc. According to Art. 17 Para. 1 GDPR, he shall take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform those responsible for data processing who process the personal data that you are the data subject Person have requested that you delete all links to this personal data or copies or replications of this personal data.
c) Exceptions
The right to deletion does not exist if the processing is necessary
(1) to exercise the right to freedom of expression and information;
(2) To fulfill a legal obligation that requires processing under the law of the Union or of the member states to which the person responsible is subject, or to perform a task that is in the public interest or in the exercise of official authority that is transferred to the person responsible has been;
(3) for reasons of public interest in the area of public health in accordance with Art. 9 Para. 2 lit. h and i as well as Art. 9 para. 3 GDPR;
(4) for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes acc. Art. 89 para. 1 GDPR, insofar as the right mentioned under section a) is likely to make the realization of the objectives of this processing impossible or seriously impair it, or
(5) for the establishment, exercise or defense of legal claims.
e. Right to information
If you have asserted the right to rectification, deletion or restriction of processing against the person responsible, the person responsible is obliged to notify all recipients to whom the personal data relating to you have been disclosed of this correction or deletion of the data or restriction of processing unless this turns out to be impossible or involves a disproportionate effort.
You have the right to be informed about these recipients by the person responsible.
f. Right to data portability
You have the right to receive the personal data concerning you, which you have provided to the person responsible, in a structured, common and machine-readable format. In addition, you have the right to transfer this data to another person responsible without hindrance from the person responsible to whom the personal data was provided, provided that
(1) the processing is based on consent in accordance with. Art. 6 para. 1 lit. a GDPR or Art. 9 Para. 2 lit. a GDPR or on a contract according to. Art. 6 para. 1 lit. b GDPR and
(2) the processing is carried out using automated procedures.</spa n>
In exercising this right, you also have the right to have your personal data transmitted directly from one person responsible to another, insofar as this is technically feasible. This must not impair the freedoms and rights of other people.
The right to data portability does not apply to the processing of personal data that is necessary for the performance of a task that is in the public interest or takes place in the exercise of official authority that has been transferred to the person responsible.
G. Right to object
For reasons that arise from your particular situation, you have the right at any time to object to the processing of your personal data, which is based on Art. 6 Para. 1 lit. e or f DSGVO takes place to object; this also applies to profiling based on these provisions.
The person responsible will no longer process the personal data concerning you unless he can prove compelling legitimate reasons for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
If the personal data concerning you are processed in order to operate direct mail, you have the right to object at any time to the processing of the personal data concerning you for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising.
If you object to processing for direct marketing purposes, your personal data will no longer be processed for these purposes.
In connection with the use of information society services – regardless of Directive 2002/58 / EC – you have the option of exercising your right of objection by means of automated procedures that use technical specifications.
H. Right to withdraw the declaration of consent under data protection
law You have the right to withdraw your declaration of consent under data protection law at any time. Revoking your consent does not affect the legality of the processing carried out on the basis of your consent up to the point of revocation.
i. Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your place of residence, your place of work or the place of the alleged infringement, if you are of the opinion that the processing is taking place the personal data concerning you violates the GDPR.
The supervisory authority to which the complaint was submitted informs the complainant about the status and the results of the complaint, including the possibility of a judicial remedy according to Art. 78 GDPR.
Responsible supervisory authority in Bavaria:
https://www.lda.bayern.de/de/index.html
Status: 25.05.2018