MAKA - CNC Spezialmaschinen
DEEN
Updated: 08.06.2018
 
Maka home Print this page Email: zentrale@maka.com Sitemap

Do you have any questions?

MAKA Systems GmbH
Am Schwarzen Graben 8
D - 89278 Nersingen
Phone: + 49 73 08 / 813 - 0, Fax: - 310
www.maka.com
zentrale@maka.com
How to find us

 

 

Privacy Police

Data privacy statement

Data privacy statement
pursuant to GDPR

Security classification:
PUBLIC

Date: 24.05.2018
Version: 3.3


PDF-Version

Name and address of the controller

The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the Member States as well as other data protection regulations is:

 

MAKA Systems GmbH

Am Schwarzen Graben 8

89278 Nersingen / Germany

Website: www.maka.com

E-mail: zentrale@maka.com (for general questions)

E-mail: datenschutz@maka.com (for questions regarding data protection)

 

Name and address of the data protection officer

The data protection officer of the controller is:

 

Thomas Steiner

steiner-projects

E-mail: thomas.steiner@steiner-projects.de

 

General provisions regarding data processing

 

Scope of the processing of personal data

In general, we only collect and use personal data of our users insofar as this is necessary for the provision of a functioning website as well as our content and services. The collection and use of our users’ personal data only takes place - on a regular basis - after the user has given his/her consent. An exception are such cases in which the prior obtaining of a consent is not possible due to practical reasons and the processing of the data is permitted on the basis of statutory provisions.

 

Legal basis for the processing of personal data

Insofar as we obtain a consent of the data subject for the processing procedures of personal data, Article 6, paragraph 1, letter 1 of the EU General Data Protection Regulation (GDPR) forms the legal basis.

When processing personal data that are necessary to fulfil a contract, the contractual party of which is the data subject, Article 6, paragraph 1, letter b forms the legal basis. This also applies to processing procedures that are necessary to execute pre-contractual measures.

Insofar as a processing of personal data is necessary to fulfil a statutory obligation which our company is subject to, Article 6, paragraph 1, letter c GDPR forms the legal basis.

In the event that vital interests of the data subject or any other natural person are necessary to process personal data, Article 6, paragraph 1, letter d GDPR forms the legal basis.

If the processing is necessary to safeguard the legitimate interest of our company or of a third party and if these interests, basic rights and basic liberties of the data subject do not override the aforementioned interest, Article 6, paragraph 1, letter f GDPR forms the legal basis for the processing.

 

Deletion of data and duration of storage

The personal data of the data subject are deleted or blocked as soon as the purpose of the storage no longer exists. On top of that, a storage may take place if this is envisaged by the European or national legislator in regulations, laws and other provisions on the legal basis of the European Union to which the controller is subject. A blocking or deletion of data also takes place if a storage period stipulated by the mentioned standards expires unless there is a need to store data further in order to conclude or execute the contract.

 

Provision of the website and creation of log files

 

Description and scope of the data processing

With each visit to our internet site, our system automatically captures data and information from the computer system of the computer sending the request.

In doing so, the following data are collected:

 

(1)     Information about the browser type, the language and version used

(2)     The operating system and its surface

(3)     The content of the access (visited site)

(4)     The transmitted data volume

(5)     The user’s internet service provider

(6)     The user’s IP address

(7)     Date and time of the access

(8)     Websites from which the user’s system is transferred to our internet site

(9)     Websites which the user’s system visits via our website

 

The data will also be stored in our system’s log files. These data will not be stored together with other personal data of the user.

 

Legal basis for data processing

The legal basis for a temporary storage of the data and the log files is Article 6, paragraph 1, letter f GDPR.

 


 

Purpose of data processing

The temporary storage of the IP address by the system is necessary to allow the website to provide the user’s PC with the information of our website. For this purpose, the user’s IP address must be stored for the duration of the visit.

 

The log files are stored to ensure the functionality of the website. In addition, we need the data for ourselves to optimise the website and to ensure the security of our IT systems. In this regard, there is no data evaluation for marketing purposes.

 

These purposes are also the basis for our legitimate interest in data processing pursuant to Article 6, paragraph 1, letter f GDPR.

 

Term of the storage

The data will be deleted as soon as it is no longer necessary for the achievement of the purpose of their collection. In the event of the capturing of the data to provide the website this is the case when the respective visit is finished.

In the event of data storage in log files, data will be deleted within seven days at the latest. Any further storage beyond this period is possible. In this case, the users’ IP addresses are deleted or alienated so that an allocation of the client visiting the website is no longer possible.

 

Possibility to object and eliminate

It is absolutely necessary for the operation of the internet site to capture the data for the provision of the website and for the storage of the data in log files. Hence there is no possibility to object from the user’s side.

 

Use of cookies

 

Description and scope of the data processing

Our website uses cookies. Cookies are text files that are stored in the internet browser resp. by the internet browser on our user’s computer system. If a user visits our website, a cookie can be stored on the user’s operating system. This cookie has a distinctive sequence of characters that allows a clear identification of the browser when the website is visited again.

Purpose of data processing

The purpose of the use of technically necessary cookies is to facilitate the use of websites for the users. Several functions of our internet site cannot be offered without the use of cookies. For these functions it is necessary that the browser is recognised even after a visit to other websites.

We need cookies for the following applications:

(1)        Typo3 (content management system)

(2)        YouTube (embedded videos)

(3)        Google

(4)        Google Analytics

 

The user data collected by technically necessary cookies will not be used to create user profiles.

We use analysis cookies for the purpose of improving the quality of our website and its content. By using analysis cookies, we get to know how our website is used and, in doing so, we can continuously improve our offer.

The following table shows the list of cookies we use on our website.

Website

Name of cookie

Description

Expiry date

Maka.com (Typo3)

fe_typo_user

Is predominantly used for user registration in the closed areas.

End of browser session

Maka.com (google)

_ga

Is used by Google Analytics to differentiate users

2 years

Maka.com (google)

_gat

Is used by Google Analytics to restrict the requirement rate

End of browser session

Maka.com (google)

_gid

Is used by Google Analytics and registers a unique ID which is used to generate statistical data to get to know how the user utilises the website.

End of browser session

Maka.com (Typo3)

Typo3-login-cookiecheck

Is used for the registration at the Typo3 backend

End of browser session

Maka.com (Typo3)

PHPSESSID

Is used for the registration at the Typo3 backend

End of browser session

Maka.com (Typo3)

be_typo_user

Is used for the registration at the Typo3 backend

End of browser session

Maka.com (Typo3)

cookieconsent_status

Is necessary for the display of the cookies and stores if they are confirmed

1 year

Youtube.com (google)

PREF

Is used by YouTube. Registers a unique ID that is used by Google to remember statistics on how the user utilises YouTube videos on different websites.

Approx. 8 months

Youtube.com (google)

VISITOR_INFO1_LIVE

Is used by the YouTube video service and tries to evaluate the user bandwidth on sites with integrated YouTube videos.

Approx. 176 days

Youtube.com (Google)

YSC

Is used by the YouTube video service and registers a unique ID for statistics of the videos watched by the user.

End of browser session

Youtube.com (Google)

remote_sid, nextId, requests

Is used by the YouTube video service.

End of browser session

doubleclick.net (Google)

IDE

Used by Google DoubleClick to register and report on the user's activities on the website after displaying or clicking on one of the provider’s advertisements. The purpose of this is to measure the effectiveness of the advertisement and to display target-oriented advertising for the user.

1 year

Further details of the types of cookies used by Google can be referred to at Google-Site.

The users’ data collected in this way is pseudonymised by technical measures (Google Analytics with the addition “_anonymizelp()"). Hence an allocation of the data to the visiting user is no longer possible. The data will not be stored together with other personal data of the users.

You can adjust your browser software appropriately to prevent the storage of the cookies; however, we would like to make you aware of the fact that - if you do so - you might not be able to make full use of all the functions of this website. In addition, the capturing of the data created by Google via cookies and their processing can be prevented by downloading and installing the available browser plugin at the following link: http://tools.google.com/dlpage/gaoptout?hl=en

You can find further information about data protection at Google Analytics at: http://www.google.com/intl/en/analytics/privacyoverview.html

or https://policies.google.com/privacy?hl=en&gl=en

 

Legal basis for data processing

The legal basis for the processing of personal data by using cookies is Article 6, paragraph 1, letter f GDPR.

Term of the storage, possibility to object and eliminate

Cookies are stored on the user’s PC and will be transmitted by it to our site. This is why you, as a user, have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or limit the transmission of cookies. Cookies already stored can be deleted at any time. This can also be done in an automated way. If cookies are deactivated for our website, it may be possible that not all functions of the website can be used in full.

Newsletter

 

Description and scope of the data processing

If you wish to subscribe to the newsletter offered on the website, we need your e-mail address and information that allows us to check that you are the owner of the e-mail address provided and that you agree to receive the newsletter.

To guarantee that the newsletter is sent on a mutually agreed basis, we use the so-called double opt-in procedure. In the course of this procedure, the potential recipient is added to a mailing list. A subsequent confirmation e-mail offers the user the possibility to confirm the registration in a legally certain way. Only if confirmation is given, the address is added actively to the mailing list.

We use these data exclusively to send the required information and offers.

We use this newsletter software: Newsletter2Go. By using this software, your data are transmitted to Newsletter2Go GmbH. In doing so, Newsletter2Go is not allowed to sell your data or to use it for purposes other than the sending out of newsletters. Newsletter2Go is a German certified service provider that was selected according to the requirements of the General Data Protection Regulation and the German Federal Data Protection Act.

For further information, please refer to this link: https://www.newsletter2go.de/informationen-newsletter-empfaenger/

At any time, you are allowed to revoke the given consent to store your data, e-mail address as well as its use for the sending out of the newsletter. You can, for instance, do so by clicking on the “Abmelden” (unsubscribe) link in the newsletter.

The measures pursuant to data protection law are continuously subject to technical innovations. This is why we kindly ask you to inform yourself about our data protection measures by referring to our data protection statement on a regular basis.

 

In connection with data processing for the sending out of newsletters, data will not be transferred to third parties. The data are exclusively used for the sending out of newsletters.

 

Legal basis for data processing

The legal basis for data processing following the registration for the newsletter by the user is - if consent has been given - Article 6, paragraph 1, letter a GDPR.

 

Purpose of data processing

The collection of the user’s e-mail address is necessary to send the newsletter.

The collection of other personal data within the scope of the registration procedure only has the purpose to prevent a misuse of the services or the e-mail address used.

 

Term of the storage

The data will be deleted as soon as it is no longer necessary for the achievement of the purpose of their collection. Hence the user’s e-mail address will be stored as long as the subscription to the newsletter is active.

As a general rule, any other personal data collected within the scope of the registration procedure will be deleted after a period of seven days.

 

Possibility to object and eliminate

At any time, the subscription to the newsletter can be terminated by the user concerned. For this purpose, you will find a respective link in each newsletter.

This also allows a revocation of the consent to storage of personal data collected during the registration procedure.

 

Rights of the data subject

If your personal data are processed, you are deemed to be a data subject within the meaning of the GDPR and you have the following rights towards the controller:

Right to information

You have the right to demand from the controller that it provides you with a confirmation informing you if personal data concerning your person are processed by us.

If such a processing exists, you are entitled towards the responsible party to provide you with information about the following:

(1)    the purposes for which the personal data are processed;

(2)    the categories of personal data that are processed;

(3)    the recipients or categories of recipients towards whom your personal data have been disclosed or will be disclosed in future;

(4)    the planned storage period of your personal data or, if concrete information about that is not possible, criteria about the determination of the storage period;

(5)    the existence of a right to correction or deletion of your personal data, a right to restriction of the processing by the controller or the right of objection against this processing;

(6)    the existence of a right to complain to a regulatory authority;

(7)    any available information about the origin of the data if the personal data are not collected from the data subject;

(8)    the existence of an automated decision-making including profiling pursuant to Article 22, paragraphs 1 and 4 GDPR and – at least in these cases – significant information about the logic involved as well as the impact and the desired effects of such a processing for the data subject.

 

You have the right to obtain information if your personal data are transmitted to a third country or an international organisation. In this regard, you have the right to demand to be informed about the appropriate guarantees pursuant to Article 46 GDPR in connection with the transmission.

 

Right to correction

You have the right to correction and/or completion towards the controller insofar as your personal data that are processed are incorrect or incomplete. The controller must correct this data immediately.


 

Right to limit processing

Given the following preconditions, you can demand a restriction of the processing of your personal data:

(1)    if you contradict to the correctness of your personal data for a period that allows the controller to check if the personal data are correct;

(2)    if the processing is unlawful and if you oppose the deletion of the personal data and, instead, demand a restriction of the use of the personal data.

(3)    if the controller no longer needs the personal data for processing purposes, but if you need them for asserting, exercising or defending legal claims; or

(4)    if you have objected to the processing pursuant to Article 21, paragraph 1 GDPR and if it is not yet clear if the justified reasons of the controller take precedence over your reasons.

If the processing of your personal data has been restricted, these data - except for its storage - may only be processed if you have given your consent or for the purposes of the assertion, execution or defence of legal claims or to protect the rights of another natural person or legal entity or for reasons of public interest of the European Union or a member state.

If the restriction of the processing has been limited according to the aforementioned preconditions, you will be informed by the controller prior to rescission of the restriction.

Right to deletion

 

Duty to delete

You have the right to demand that the controller deletes your personal data immediately. The controller undertakes to delete these data immediately if one of the following reasons applies:

(1)    your personal data are no longer necessary for the purposes for which they were collected or otherwise processed;

(2)    you revoke your consent to the processing was based on pursuant to Article 6, paragraph 1, letter a or Article 9, paragraph 2, letter a GDPR or if there is a lack of another legal basis for the processing;

(3)    you object to the processing pursuant to Article 21, paragraph 1 GDPR and no overriding and justifying reasons for the processing exist, or if you object to the processing pursuant to Article 21, paragraph 2 GDPR;

(4)    your personal data were processed in an unlawful way;

(5)    the deletion of your personal data is necessary to fulfil a statutory obligation pursuant to the law of the European Union or the law of the Member States the controller is subject to.

(6)    your personal data were collected with regard to the services offered by the information company pursuant to Article 8, paragraph 1 GDPR.

 

Information to third parties

If the controller has made your personal data public and if it is obliged to delete these data pursuant to Article 17, paragraph 1 GDPR, it takes - by respecting the available technology and the implementation costs - appropriate and even technical measures to inform the controllers that process these personal data that you as a data subject have requested a deletion of all links to these personal data or of copies or replications of these personal data.

Exceptional cases

The right to deletion does not exist if the processing is necessary

(1)    to exercise the right to freedom of expression and information;

(2)    to fulfil a legal obligation that requires the processing pursuant to a European Union law or a law of its Member States the controller is subject to, or to exercise a task that is subject to public interest or is connected to the exercise of official authority the responsibility of which was transferred to the controller;

(3)    for reasons of public interest in the field of public health pursuant to Article 9, paragraph 2, letters h and i as well as Article 9, paragraph 3 GDPR;

(4)    for archiving purposes and scientific or historical research purposes or for statistics purposes that are subject to public interest pursuant to Article 89, paragraph 1 GDPR insofar as the aforementioned right makes the realisation of the objectives of this processing impossible or if it impairs them seriously; or

(5)    to assert, execute or defend legal claims.

 

Right to information

If you have asserted the right to correction, deletion or restriction of the processing towards the controller, this controller undertakes to inform any recipients to which your personal data has been disclosed about this correction or deletion of your data or the restriction of the processing. This applies unless this correction, deletion or restriction of the processing is impossible or if it involves a disproportionate effort.

You have the right towards the controller to be informed about these recipients.

Right to data portability

You have the right to obtain your personal data that you have provided the controller with in a structured, current and machine-readable format. In addition, you have the right to transmit these data to another controller - without hindrance by the first controller to whom the personal data were provided - insofar as

(1)    the processing is based on a consent pursuant to Article 6, paragraph 1, letter a GDPR or Article 9, paragraph 2, letter a GDPR or on a contract pursuant to Article 6, paragraph 1, letter b GDPR; and

(2)    the processing is carried out by means of automated procedures.

By exercising this right, you have the additional right to assert that your personal data are directly transmitted from one controller to another controller insofar as this is technically feasible. It is not permitted that any other liberties and rights of other persons are affected thereby.

The right to data portability does not apply to the processing of personal data that is necessary to carry out a task of public interest, or that is carried out by exercising public authority that was transferred to the controller.

Right of objection

At any time and for reasons that arise out of your specific situation, you have the right to object to the processing of your personal data which are processed pursuant to Article 6, paragraph 1, letters e or f GDPR. This also applies to a profiling based on these provisions.

The controller will no longer process your personal data unless it can prove compelling and legitimate reasons for the processing that override your interests, rights and liberties; or unless the processing is necessary to assert, exercise or defend legal claims.

If your personal data are processed for direct marketing purposes, you have the right to object to the processing of your personal data for the purposes of such marketing at any time. This also applies to profiling insofar as this is connected to such direct marketing activities.

If you object to the processing for reasons of direct marketing, your personal data will no longer be processed for these purposes.

You have the possibility to exercise your right of objection in connection with the use of the information company’s services by way of automated procedures within the scope of which technical specification are used. This applies irrespective of the Directive 2002/58/EU.

Right to revoke the declaration of consent pursuant to data protection law

At any time, you have the right to revoke your declaration of consent pursuant to data protection law. By revoking the consent, the legitimacy of the processing carried out on the basis of the consent until revocation will not be affected thereby.

Automated decision-making in individual cases including profiling

You have the right to not become subject to a decision that is based on an exclusively automated processing - including profiling - and which has a legal effect on you or affects you considerably in any similar way. This does not apply if the decision

(1)    is necessary for the conclusion or the execution of a contract between you and the controller;

(2)    is permitted pursuant to legal provisions of the European Union or the Member States the controller is subject to; and if these legal provisions contain appropriate measures to respect your rights and liberties as well as your legitimate interests; or

(3)    is made subject to your explicit consent.

However, these decisions may not be based on specific categories of personal data pursuant to Article 9, paragraph 1 GDPR, insofar as Article 9, paragraph 2, letters a or g GDPR do not apply and appropriate measures to protect rights and liberties as well as your legitimate interests have been taken.

With regard to the cases mentioned in clauses (1) and (3), the controller takes appropriate measures to protect the rights and liberties as well as your legitimate interests. Part of these rights, liberties and legitimate interests include at least the right to a person’s intervening from the part of the controller, the clarification of one’s own point of view and the impeachment of the decision.

Rights to complain to a regulatory authority

Notwithstanding any other legal remedy on the basis of administrative law or judicial decision, you have the right to complain to a regulatory authority, in particular in the member state of your usual place of residence, your work place or the place of the suspected infringement if you are of the opinion that the processing of your personal data infringes the GDPR.

The regulatory authority the complaint was filed to will inform the claimant about the status and the results of the complaint including the possibility of a judicial remedy pursuant to Article 78 GDPR.