NAME AND CONTACT DETAILS OF THE PERSON RESPONSIBLE FOR DATA PROTECTION
RIGHT OF APPEAL TO THE COMPETENT SUPERVISORY AUTHORITY
In the event of violations of data protection law, the person affected by the data collection and/or data processing has a right of appeal to a competent supervisory authority. The competent supervisory authority for data protection issues is the österreichische Datenschutzbehörde (Austrian Data Protection Authority). However, a complaint may also be lodged with the data protection agency responsible for the data subject’s usual place of residence or work.
COLLECTION AND STORAGE OF PERSONAL DATA AND THE NATURE AND PURPOSE OF THEIR USE
When using this website
When you access the website www.magnoliatree.org, the browser used on your terminal device automatically sends information to MagnoliaTree’s server. This information is temporarily stored in a so-called log file. The following information is recorded without your intervention and is stored until it is automatically deleted:
- IP address of the requesting computer,
- date and time of access,
- name and URL of the retrieved file,
- website from which the access takes place (referrer URL),
- the browser used and, if applicable, the operating system of your computer and the name of your access provider.
The above-mentioned data will be processed by us for the following purposes:
- to ensure a smooth connection of the website,
- guarantee a comfortable use of our website,
- evaluation of system security and stability,
- for other administrative purposes.
When you commission MagnoliaTree, we collect the following information:
- master data such as your name, address, date of birth, telephone number, email address, fax
- if applicable, bank details and UID number, FN number
- contract data
- data from consulting/coaching/training activities
- image and sound data (e.g. photos in CVs and for documentation during coaching sessions, video recordings for practice sessions)
For what purposes and on what legal basis are your personal data processed?
Your personal data are processed lawfully based on Article 6(1) of the GDPR for the following purposes:
- Processing and transmission of data in the context of the provision of pre-contractual measures such as the offering of products and services [Article 6(1)(b) GDPR]
- In order to fulfil our contractual obligations to provide consulting, training and coaching services to clients/participants and those involved in the consulting process, including computer-assisted creation and archiving of text documents (such as minutes, correspondence) in this matter [Article 6(1)(b) GDPR]
- To fulfil legal obligations such as tax law [Article 6(1)(c) GDPR]
- For the purpose of legitimate interests of our company or due to legitimate interests of third parties, namely for the purpose of advertising MagnoliaTree products/services (digital, website and analogue) or for the purpose of internal administration [Article 6(1)(f) GDPR]
- Within the scope of your express consent [Article 6(1)(a) GDPR]: provided that you have given us your consent to do so, processing of data will also be carried out for the purposes and to the extent specified in the consent. Such consent can be revoked by you at any time. Revocation of the consent does not, however, affect the lawfulness of data processing carried out on the basis of the consent prior to revocation.
You can revoke consent at any time. A revocation of consent has the consequence that we will no longer process your data for the above-mentioned purposes from this point on.
Please contact us for a revocation: Sabine Gromer, email@example.com
Who receives your data?
In order to fulfill the requirements of our services, it may be necessary to transfer your data to the following recipients: tax consultants, tax authorities, licensors in the case of potential analyses, possibly seminar room landlords, IT and email service, website providers and support staff, banks/legal representatives/courts/administrative, and authorities/collection agencies in the event of an incident.
How long will your data be stored?
We will only store your data for as long as it is necessary to complete the purposes for which we have collected your data. In this context, it should be noted that for tax law reasons, contracts and other documents from our contractual relationship must always be retained for a period of 7 years. In individual cases, for example in the case of pending official proceedings, this storage period can also be longer than 7 years. Apart from these individual cases, we will in any case delete your data after these 7 years or 5 years after our last contact should we no longer be able to contact you (depending on which event occurs first).
Rights of Legal Appeal
You are fundamentally entitled to the rights of information, correction, deletion, restriction, data transferability and revocation. Please contact us for this purpose. If you believe that the processing of your data violates data protection law or your data protection rights have otherwise been violated in any way, you can complain to the supervisory authority. In Austria, the Datenschutzbehörde (Data Protection Authority) is responsible for such cases.
Information is stored in the cookie that is related to the specific terminal device used. This does not mean, however, that we obtain direct knowledge of your identity.
In addition, we also use temporary cookies to optimize user-friendliness, which are stored on your end device for a certain fixed period of time. If you visit our site again to make use of our services, we will automatically recognize that you have already been with us and what entries and settings you have made so that you do not have to enter them again.
The data processed by cookies is required for the above-mentioned purposes to protect our legitimate interests and those of third parties in accordance with Article 6(1)(f) of the GDPR.
Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or so that a message always appears before a new cookie is created. However, disabling cookies completely may mean that you will not be able to use all the features of our website.
We send newsletters, e-mails and other electronic notifications containing information (hereinafter referred to as “newsletters”) only with the consent of the recipients or with legal permission. Our newsletters contain information about our work, current publications and references to our offers.
Our newsletters are sent via “MailChimp”, a newsletter sending platform of the US provider Rocket Science Group (LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA).
The e-mail addresses of our newsletter recipients, as well as their other data described in this document, are stored on the servers of MailChimp in the USA. MailChimp uses this information to send and evaluate the newsletter on our behalf. Furthermore MailChimp may use this data according to its own discretion to optimize or improve its own services, e.g. for technical optimization of sending and presentation of newsletters or for economic purposes to determine from which countries the recipients come. However, MailChimp does not use the data of our newsletter recipients to contact them or pass information on to third parties.
The tracking measures listed below and used by us are carried out on the basis of Article 6(1)(f) of the GDPR. We use tracking measures to ensure that our website is designed to meet the needs of our customers and is continuously optimized. Additionally, we use tracking measures to record the use of our website statistically and evaluate it for the purpose of optimizing our services for you. These interests are justified in the aforementioned regulation [Article 6(1)(f) GDPR]. The relevant data processing services we use, and data categories we collect are listed below.
For the purpose of designing our pages to meet your needs and continuously optimizing them, we use Google Analytics, a web analysis service of Google Inc. (https://www.google.de/intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter “Google”). In this context, pseudonymized user profiles are created and cookies (see section 4) are used. Information about your use of our website is then generated by these cookies. Such information includes,
- browser type/version,
- the operating system used,
- referrer URL (the previously visited page),
- host name of the accessing computer (IP address),
- time of the server request,
You can also prevent the collection of data generated by cookies based on your use of our website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de).
As an alternative to the browser add-on, especially in the case of browsers on mobile devices, you can prevent the collection of data by Google Analytics by clicking on https://tools.google.com/dlpage/gaoptout. An opt-out of cookies will be set to prevent future collection of your information when you visit our website. The opt-out cookie option is only valid on the browser it has been applied to and only functions to prevent cookie collection on our website. If you delete the cookies in this browser, you will need to set the opt-out cookie option again.
Further information on data protection in connection with Google Analytics can be found on the Google Analytics help page (https://support.google.com/analytics/answer/ 6004245?hl=en).
GOOGLE ADWORDS CONVERSION TRACKING
In order to record statistics on the use of our website and for the purpose of optimizing our website, we also use Google Conversion Tracking. Google AdWords collects cookies (see Section 4) from your computer if you have reached our website via a Google ad.
These cookies lose their validity after 30 days and are not used for personal identification. If the user clicks on a Google Ad for a specific website, Google and the client can recognize that the user clicked on the ad and was redirected to that page.
Each AdWords’ client is assigned a different cookie. As a result, cookies cannot be tracked through the websites of AdWords’ clients. The information collected through the conversion cookie is used to compile conversion statistics for AdWords’ clients who have opted in for conversion tracking. The AdWords’ advertisers learn the total number of users who clicked on their ad and were redirected to a page through a conversion tracking tag. However, they do not receive any information that can be used to personally identify users.
SOCIAL MEDIA PLUG-INS AND TOOLS
We use social media plug-ins from Facebook, Xing, LinkedIn, and Google+ on our website on the basis of Article 6(1)(f) of the GDPR to make OCEANDRIVE??? better known. The promotional purposes behind this are regarded as a legitimate interest within the meaning of the GDPR. The responsibility for data protection is to be guaranteed by the respective providers of these plug-in services. The integration of these plug-ins by us is done via the so-called “two-click method” in order to protect visitors of our website in the best possible way.
On our website, social media plug-ins from Facebook are used to make content feel more personal. For this we use the “LIKE” or “SHARE” button. This is a service provided by Facebook.
If you pull up a page of our website that contains such a plug-in, your browser establishes a direct connection with Facebook’d servers. The content of the plug-in is transmitted by Facebook directly to your browser, which then integrates it into our website. Through the integration of the plug-in, Facebook receives information that your browser has called up the corresponding page of our website, even if you do not have a Facebook account or are not currently logged in to Facebook. This information (including your IP address) is transmitted by your browser directly to a Facebook server in the USA and stored there.
If you are logged-in to Facebook, Facebook can assign your visit to our website directly to your Facebook account. If you interact with the plug-in, for example by clicking the “LIKE” or “SHARE” button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information is also published on Facebook and displayed to your Facebook friends.
Facebook may use this information for the purposes of advertising, market research and the design of Facebook pages to meet your needs. For this purpose, Facebook creates usage, interest and relationship profiles (e.g. to evaluate your use of our website with regard to the advertisements displayed to you on Facebook) to inform other Facebook users about your activities on our website and to provide other services associated with the use of Facebook.
If you do not want Facebook to assign the data collected via our website to your Facebook account, you must log out of Facebook before visiting our website.
For the purpose and scope of data collection and the further processing and use of data by Facebook, as well as your rights in this regard and setting options for protecting your privacy, please refer to Facebook’s data protection information (https://www.facebook.com/about/privacy/).
GOOGLE WEB FONTS
This site uses so-called web fonts, which are provided by Google, for the uniform display of fonts. When you pull up our page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.
To do this, the browser you are using must connect to Google’s servers. This enables Google to know that our website has been accessed via your IP address. The use of Google Web Fonts is in the interest of a uniform and attractive presentation of our online offers. This represents a legitimate interest in the sense of Article 6(1)(f) of the GDPR.
If your browser does not support Web Fonts, a standard font from your computer will be used.
This site uses the map service Google Maps via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”).
To use the functions of Google Maps it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.
The use of Google Maps is in the interest of an attractive presentation of our online offers and to make it easy to find the places we have indicated on our website. This represents a legitimate interest in the sense of Article 6(1)(f) of the GDPR.
RIGHTS OF THE DATA SUBJECT OF THE DATA COLLECTION AND PROCESSING
You have the right:
- To request information about your personal data processed by us in accordance with Article 15 of the GDPR. In particular, you may request information on the processing of personal data, the category of personal data collected, the recipients to whom your data have been or will be disclosed, the planned storage period, the right to rectify inaccurate data, cancellation, restriction of data processing, the right of appeal, the origin of your data (if not collected by us), and the existence of automated decision making including profiling and, if applicable, meaningful information on the details of data collected.
- In accordance with Article 16 of the GDPR, to demand without delay the correction of incorrect or incomplete personal data stored by us.
- In accordance with Article 17 of the GDPR, to demand the deletion of your personal data stored with us, unless processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, and to exercise or defend legal claims.
- In accordance with Article 20 of the GDPR, to receive your personal data that you have provided us with in a structured, common, and machine-readable format or to request its transfer to another responsible party.
- In accordance with Article 7(3) of the GDPR to revoke your consent with us at any time. As a result, we may no longer continue data processing based on this consent for the future or complain to a supervisory authority in accordance with Article 77 of the GDPR. As a rule, you can turn to the supervisory authority of your usual place of residence/workplace or to the supervisory authority of our company headquarters.
RIGHT OF OBJECTION
If your personal data is processed on the basis of legitimate interests in accordance with Article 6(1)(f), you have the right to object to the processing of your personal data in accordance with Article 21 of the GDPR if there are reasons for doing so arising from your particular situation or if the objection is directed against direct marketing. In the latter case, you have a general right of objection, which will be implemented by us without indicating any special situation. If you wish to exercise your right of revocation or objection, simply send an e-mail to firstname.lastname@example.org.
We use common SSL (Secure Socket Layer) procedure within our website and the highest encryption level supported by your browser. Usually this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is being transmitted in encrypted form by the display of the key or lock symbol in the lower status bar of your browser.
We also use suitable technical and organizational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction, or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
OBJECTION TO SPAM
We hereby object to the use of contact data published to send advertising and information material not expressly requested. Should the operator receive unsolicited promotional material, such as spam etc., the operator expressively reserves the right to take legal action.
UP-TO-DATENESS AND CHANGES TO THIS DATA PROTECTION DECLARATION
This data protection declaration is currently valid and dated May 2020. Due to the further development of our website and offers above, or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can access and print out the current data protection declaration at any time on our website.