Privacy notice

mgw-Service GmbH & Co. KG Privacy Policy

General

The operators of these websites take the protection of your personal data very seriously. We handle your personal data confidentially and in accordance with data protection law and this privacy policy.
The controller pursuant to Art. 4 point (7) of the GDPR in the case of these websites is:

mgw Service GmbH & Co. KG
Managing Director: Michael Lautenbach
Raabestraße14
34119 Kassel

Telephone: +49 561 510577 0
Fax: +49 561 510577 299
Email: info@mgwservice.com

See our Statutory Information

 

In addition to the company’s management, we have appointed a data protection officer for our company. You can contact our Data Protection Officer Mr Marschall, LL.M. (GDPC GbR) by writing to “The Data Protection Officer” at the above address or by email at Datenschutz@mgwservice.com.

In order to use our website, it is necessary for the IP address to be supplied at the time of the visit. In certain cases, we also need your name and address and other details so that we can provide the required services. The same applies for example to sending information material and responding to individual queries. If we ask you for further data, this is information provided voluntarily.
In addition to us as data controller, certain categories of controllers, who are involved in the operation of the website (member companies of the Akiem Group, system administrators), and other external parties which if necessary are also used by host and service providers (such as third party service providers, hosting providers, IT companies or communications agencies), may also be given access to the data. An up-to-date list of these parties involved and recipients can be requested from the controller.
We provide information below separately in each case on individual areas in which we process personal data concerning you or from which you can be identified as the data subject.

 

Cookies

So-called cookies are used on the website. These are packets of data which are exchanged between our company website’s server and the visitor’s browser. On accessing the website, these are stored on the device used in each case (PC, notebook, tablet, smartphone, etc.). Information which arises in each case in connection with use of the end device is deposited in the cookies. We cannot in any way obtain from this direct knowledge of the visitor’s identity.
In the majority of cases, cookies are accepted under the browser’s default settings. The browser settings can be altered so that either cookies are not accepted on the device used or a specific message appears before a new cookie is deposited. It is important to point out, however, that deactivating cookies can mean that not all the website functions can be used to the optimum.
Cookies serve to make our website easier to use. For example, session cookies can track whether the visitor has already accessed individual pages on the website. These session cookies are automatically erased on leaving the website. Temporary cookies are used to improve user friendliness. They are stored for a temporary period on the visitor’s device. On revisiting the website, the fact that the visitor has previously accessed the website and the information input and settings used are automatically recognised, so that these do not have to be repeated.
Cookies are also used to analyse visits to the website for statistical purposes and in order to improve the service. These cookies enable recognition on revisiting the website that it has already been accessed previously by the visitor. Here the cookies are automatically erased after a fixed period of time in each case. The legal basis for data being processed by cookies for the above purposes is our legitimate interests pursuant to Art. 6 subpara. 1 sentence 1 point (f) of the GDPR.

 

Accessing the website

When our websites, including those of the Akiem Group, are accessed, the internet browser used by the visitor automatically sends data to the server of the website in question and stores these in a log file for a limited period of time, maximum two weeks. The following data are stored without further input by the visitor until they are automatically erased:

  • IP address of the visitor’s device,
  • date and time of access by the visitor,
  • name and URL of the website accessed by the visitor,
  • website from which the visitor accessed the website (the so-called referrer URL),
  • browser and operating system of the visitor’s device and name of the access provider used by the visitor.

The legal basis for the processing of such personal data is Art. 6 subpara. 1 sentence 1 point (f) of the GDPR. We have a legitimate interest in processing the data in order to

  • create a rapid connection to the website,
  • enable user-friendly use of the website,
  • establish and ensure the security and stability of the systems and
  • facilitate and improve the administration of the website.

 

Contact form

Visitors can submit messages to us via an online contact form on the website. In order to receive an answer, it is necessary to provide at least a valid email address and first and last names. The person making the enquiry can voluntarily provide all other details but is not obliged to do so. By sending a message via the contact form, the visitor gives consent to the processing of the personal data provided. The data are processed solely for the purpose of handling and answering enquiries and follow-up questions via the contact form. This is done on the basis of freely given consent pursuant to Art. 6 subpara. 1 sentence 1 point (a) of the GDPR. The personal data collected for use of the contact form are automatically erased once the enquiry has been completed and there are no reasons for further retention (e.g. subsequent order placed with the company). Where necessary or legitimate, your personal data are also transmitted to the department within the Akiem Group responsible for answering your request. Your personal data are transmitted via our contact form as standard using SSL encryption.

 

Contact by email (email client on your computer)

Visitors can also submit messages to us by email by freely providing personal data. In order to receive an answer, it is necessary to provide at least a valid email address and first and last names. By sending the email, the visitor gives consent to the processing of the personal data provided. The data are processed solely for the purpose of handling and answering enquiries. This is done on the basis of freely given consent pursuant to Art. 6 subpara. 1 sentence 1 point (a) of the GDPR. The data obtained from you by this communication route and processed by us are automatically erased once the enquiry has been completed and there are no reasons for further retention (e.g. subsequent order or similar).

 

Processing in the context of use of the customer information centre (login on our website)

Data subjects (generally active customers of our company) are able to log in to the customer information centre on our website by inputting personal (access) data. Customers can do this once we have given you the necessary access data and – in providing information on our privacy policy for customers/suppliers – have explained the use thereof. The legal basis for the associated data processing is Art. 6 subpara. 1 point (b) of the GDPR. The personal data that are transmitted to us can be obtained from the relevant input mask and the contractual data, including the server log data (see below). The personal data input by the data subject are collected and stored solely for our internal use and for our own purposes. We can have them transmitted to one or more contract processors, who likewise use the personal data solely for an internal purpose on our behalf. On login, the IP address provided by the data subject’s internet service provider (ISP) and the registration date and time are also stored. These data are stored against the background that only in this way can a misuse of our services be prevented and that if necessary these data enable criminal offences committed to be clarified. To this extent storage of these data is necessary to safeguard the controller pursuant to Art. 6 subpara. 1 point (f) of the GDPR. These data are in principle not passed on to third parties if there is no legal obligation to do so or they are not required for criminal proceedings.
Registration by the data subject through the voluntary input of personal data enables the controller to offer the data subject content or services, which due to their nature can only be offered to registered customers.
With regard to data processing in the context of the customer information centre, we will inform you as our customer/supplier separately about the associated processing of personal data; please do not hesitate to contact us.

 

Data protection in the case of job applications and the application process

We also process applicants’ personal data in order to progress the application process, if they are applying or have applied via the website (e.g. through the contact form) or using the email addresses available on the website. Data can also be processed electronically. This is the case in particular if an applicant freely submits the relevant application documents to the controller electronically, for example by email or via a form available on the website. If the controller concludes an employment contract with the applicant, the data submitted are stored for the purpose of progressing the employment relationship in compliance with the legal requirements. If the controller does not conclude an employment contract with the applicant, the application documents are automatically erased no later than 6 months after notification of the negative decision, provided that other legitimate interests of the controller do not conflict with such erasure. Another legitimate interest in this sense is, for example, the duty to provide evidence in proceedings under the German Act on Equal Treatment (Allgemeinen Gleichbehandlungsgesetz (AGG)).
If you have applied to us via the address talent@mgwservice.com, you will receive an automated response confirming receipt and including a link to our more detailed data protection information for applicants.

Transmission to third parties

Personal data are transmitted to third parties if

  • pursuant to Art. 6 subpara. 1 sentence 1 point (a) of the GDPR, the data subject has expressly given consent to this,
  • pursuant to Art. 6 subpara. 1 sentence 1 point (f) of the GDPR, transmission is necessary to display our website to our contract processors, in particular our host and service providers; for the establishment, exercise or defence of legal claims and there is no reason to assume that the data subject has an overriding legitimate interest in their data not being transmitted, and for data processing within the Akiem Group,
  • there is a legal obligation for data transmission pursuant to Art. 6 subpara. 1 sentence 1 point (c) of the GDPR, and/or
  • this is necessary for the performance of a contract with the data subject pursuant to Art. 6 subpara. 1 sentence 1 point (b) of the GDPR.

In no other cases are personal data transmitted to third parties.

Inclusion of third party service providers (incl. social media widgets and plugins)

Widgets and plugins and links to the following social networks and third party service providers are included on our website. The legal basis for the inclusion and use of all the following service providers on our homepage is Art. 6 subpara. 1 sentence 1 point (f) of the GDPR. The purpose of their use in our legitimate interest is to inform a wider public about our services and give you the opportunity to share the information on our website with other internet users and also to find out about our company on the websites of these third party service providers and about us and our work. The third party service providers and social networks are responsible for handling their users’ data in compliance with data protection requirements. We provide below further information on data processing by the individual third party service providers in accordance with  Arts. 13 and 14 of the GDPR.

Privacy policy for the use of Google Analytics

This website uses functions of the Google Analytics web analysis service. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland. Google Analytics uses so-called „cookies”. These are text files that are stored on your computer and that enable analysis of your use of the website. The information produced by the cookie about your use of this website is generally transmitted to a Google server in the USA and stored there. The legal basis for the use of Google Maps is Art. 6 subpara. 1 sentence 1 point (f) of the GDPR. Google Analytics uses cookies, i.e. text files, that are stored on your computer and that enable analysis of your use of the website. The information produced by the cookie about your use of this website is generally transmitted to a Google server in the USA and stored there. However, if IP-anonymisation on this website is activated, your IP address is first masked by Google if you are located in member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and masked there. On behalf of the operator of this website (mgw-Service and Akiem Group), Google will use this information to evaluate your use of the website, to compile reports about website activities and to provide other services associated with use of the website and internet use to the website operator. (purpose of the processing). The IP address transmitted from your browser in relation to Google Analytics is not merged with other Google data. You can prevent cookies from being stored by setting your browser software accordingly; however, we would point out that, if you do so, you might not be able to make full use of all the functions on this website. You can also prevent the data generated by the cookie and related to your use of the website (including your anonymised IP address) being collected and processed by Google by downloading and installing: Browser-Add-on to deactivate Google Analytics

You can find general information on Google Analytics and data protection at the Google Data Protection Center. This website has the „anonymizeIp” add-on function in order to ensure anonymised collection of IP addresses (so-called IP masking). If IP anonymisation on this website is activated, however, your IP address is first masked by Google if you are located in member states of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and masked there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports about website activities and to provide other services associated with use of the website and internet use to the website operator. The IP address transmitted from your browser in relation to Google Analytics is not merged with other Google data. You can prevent collection by Google Analytics by clicking on the following link. An opt-out cookie is deposited, that prevents the future collection of your data on visits to this website, provided that the cookie is not erased: deactivate Google Analytics. You can prevent cookies from being stored by setting your browser software accordingly; however, we would point out that, if you do so, you might not be able to make full use of all the functions on this website. You can also prevent the data generated by the cookie and related to your use of the website (including your IP address) being collected and processed by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de

 

Google Web Fonts

This website uses so-called web fonts provided by Google in order to ensure uniformity of the fonts. When you access a website, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly. To do this, your browser has to link to the Google servers. From this Google knows that our website is being accessed via your IP address. Google web fonts are used in the interests of an attractive, uniform presentation of our online offers. This constitutes a legitimate interest as defined in Art. 6 subpara. 1 point (f) of the GDPR. If your browser does not support web fonts, a standard font is used by your computer. You can find further information Google web fonts at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://www.google.com/policies/privacy/.

 

Google-Maps (Google Inc.)

We also use Google Maps on this website as a third party service. This enables us to display interactive maps directly on the website and allows you easy use of the map function. Google Maps is a service provided by Google Inc. to display maps, by means of which this application can incorporate corresponding content on its websites.

On a visit to the website, Google receives the information that you have accessed the corresponding subpage of our website. In addition, the data specified under “Collection of personal data on visits to our website” in this privacy policy are transmitted. This happens irrespective of whether Google provides a user account through which you are logged in to Google, or no user account exists. If you are logged in to Google, your data are assigned directly to your account. If you do not want them to be assigned to your profile with Google, you must logout before activating the button. Google stores your data as a usage profile and uses them for the purposes of advertising, market research and/or needs-based configuration of its website. The data are evaluated in particular (even in the case of users who are not logged in) in order to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of this user profile. You must contact Google in order to exercise this right.

You can obtain further information on the purpose and scope of data collection and processing by the plug-in provider in the provider’s privacy policy, where you will also find further information on your rights in this respect and on the settings options for protection of your privacy: https://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the USA and has undertaken to comply with the requirements of the EU-US Privacy Shield: https://www.privacyshield.gov/EU-US-Framework.

The legal basis for the use of Google Maps is Art. 6 subpara. 1 point (f) of the GDPR.

 

YouTube video widget (Google Inc.)

YouTube is a service provided by Google Inc. to display video content by means of which this application can incorporate corresponding content on its websites. Our website uses widgets from the YouTube website operated by Google. The operator of the websites is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit one of our websites which has a YouTube plugin, a link to the YouTube servers is created. This tells the YouTube server which of our websites you have visited. If you are logged in to your YouTube account, this enables YouTube to assign your surfing pattern directly to your personal profile. You can prevent this by logging out of your YouTube account. YouTube is used in order to present our online services and display visual content to you. This constitutes a legitimate interest as defined in Art. 6 subpara. 1 point (f) of the GDPR. You can find further information on the handling of user data in the YouTube privacy policy at: https://www.google.de/intl/de/policies/privacy.

 

Interaction with external social networks and platforms

Services of this type enable interaction with social networks or other external platforms directly via this application. Such interaction and the information collected via this application are always subject to users’ privacy settings for the social network in question.

If a service for interaction with social networks is installed, it can also collect data from data traffic for the websites on which it is installed when the user is not using the service.

Tweet interface and social widgets for Twitter (Twitter, Inc.)

The Tweet interface and social widgets for Twitter are services for interaction with the Twitter, Inc. social network Twitter. We also use the Twitter microblogging service on our website. The operator of Twitter is Twitter Inc. The US firm’s headquarters are at 1355 Market St, Suite 900, San Francisco, CA 94103, USA. Twitter’s main function is the „Tweet function”. If you use this via our website, a link is made to your Twitter account. Data can be exchanged with other users and data can be transmitted to Twitter. We do not receive knowledge of the content of the data sent to Twitter, nor are we informed about their use. Information on these questions is available at http://twitter.com/privacy, where you will find Twitter’s detailed privacy policy. The platform also gives you the option to configure your privacy settings yourself via http://twitter.com/account/settings.

 

“Like” interface and widget for Facebook (Facebook, Inc.)

The “Like” interface and social widgets for Facebook are services for interaction with the Facebook Inc. social network Facebook. Plugins for the Facebook social network, 1601 South California Avenue, Palo Alto, CA 94304, USA, are integrated into our websites and our LhF app. You can recognise the Facebook plugins from the Facebook logo or the „Like” button on our website. You can find an overview of Facebook plugins at: http://developers.facebook.com/docs/plugins/. If you visit our websites, a direct link between your browser and the Facebook server is created via the plugin. Facebook thus receives information (including location-related information) that your IP address has visited our website. If you click on the Facebook “Like” button while you are logged in to your Facebook account, you can link the content of our websites to your Facebook profile. Facebook can thus assign the visit to our websites to your user account. We would point out that, as provider of the websites, we do not receive knowledge of the content of the data transmitted or their use by Facebook. You can find further information on this in the Facebook privacy policy at https://de-de.facebook.com/policy.php.

If you do not want Facebook or Twitter to assign the visit to our websites to your user account, please log out of your user account in question.

 

Xing widget (XING AG)

We also use functions from XING, a network designed to promote professional contacts between its members, on our website. The provider of this network is XING AG. Its headquarters are at Dammtorstraße 29-32, 20354 Hamburg. If one of our websites that has the XING functions is accessed, a link is created to the XING servers. We are not aware that XING stores personal data. As far as we know, XING does not evaluate or store IP addresses. If you wish to receive further information on XING’s data protection, you can access XING’s privacy policy via the link https://www.xing.com/app/share?op=data_protection, which also contains further information on the XING Share button.

 

LinkedIn

Plugins for the social network LinkedIn provided by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (hereinafter referred to as “LinkedIn”) are integrated into this website. You can recognise the LinkedIn plugins from the LinkedIn logo or the “Share” button on this website. If you visit this website, a direct link between your browser and the LinkedIn server is created via the plugin. LinkedIn thus receives information that your IP address has visited this website. If you click on the LinkedIn “Share” button while you are logged in to your LinkedIn account, you can link the content of this website to your LinkedIn profile. LinkedIn can thus assign the visit to this website to your user account. We would point out that, as provider of our website, we do not receive knowledge of the content of the data transmitted or their use by LinkedIn. You can find details of the data collected (purpose, scope, further processing, use) and of your rights and settings options in LinkedIn’s privacy policy. This policy is available from LinkedIn at http://www.linkedin.com/static?key=privacy_policy&trk=hb_ft_priv.

Your rights as data subject

You have rights vis-à-vis us with respect to data concerning you. If you assert such a right and specific legal provisions prevent us from complying, we will notify you accordingly specifying the concrete reasons.

You have the following rights vis-à-vis us under data protection law:

Information

Under Art. 15 of the GDPR, you can request information on your personal data processed by us. In particular you can request information on the purpose of the processing, the categories of personal data, the categories of recipients to whom your data have been or will be disclosed, the envisaged storage time, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the source of your data if these were not collected by us, and the existence of automated decision-making including profiling and if applicable meaningful information on details thereof.

Rectification

Under Art. 16 of the GDPR, you can request rectification without undue delay of inaccurate personal data concerning you stored by us or completion of such data.

Erasure

Under Art. 17 of the GDPR, you have the right to request erasure of your personal data stored by us, provided that processing is not necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims. The data that are processed in connection with the use of our website and the services we have described are stored for as long as necessary to provide the services desired by the user, for the purposes specified in this document or prescribed by law. The user can ask the controller at any time to block, alter or remove the data.

Restriction of processing

Under Art. 18 of the GDPR you can request the restriction of processing of your personal data, where the accuracy of the data is contested by you, the processing is unlawful but you oppose erasure and we no longer need the data, but you require them for the establishment, exercise/defence of legal claims or you have objected to processing pursuant to Art. 21 of the GDPR.

Data portability

Under Art. 20 of the GDPR, you can request to receive your personal which you have provided to us in a structured, commonly used and machine-readable format or to have them transmitted to another controller.

Withdrawal of consent

Under Art. 7 subpara. 3 of the GDPR, you have the right at any time to withdraw the consent given to us (e.g. in writing or by email). This means that we can in future no longer continue the data processing which was based on this consent. We will be pleased to notify you separately of this.

Right to lodge a complaint with a supervisory authority

Under Art. 77 of the GDPR, you can lodge a complaint regarding your personal data with the supervisory authority responsible. The supervisory authority responsible for us is:

Der Hessische Beauftragte für den Datenschutz und die Informationsfreiheit

Postfach: 3163

65021 Wiesbaden

Telephone: +49 611 1408 – 0

Amendments to the privacy policy (version of 29.08.2018)

The continuous iterative development of our website services and/or legal developments can make it necessary for us to adapt our privacy policy from time to time. Please, therefore, ensure that you use the current version of our privacy policy.