Experts in fire protection

Data Privacy Policy of Minimax GmbH

1. General information about the collection of personal data

Minimax GmbH  (hereinafter referred to as “MINIMAX”) is committed to protecting your personal data. This Data Privacy Policy specifies how MINIMAX (hereinafter also referred to as “we,” “us” and “our”) uses and protects the personal data collected on www.​minimax.​com/​de or https://karriere.minimax.de (“MINIMAX website”).

Personal data are all data which refer to you personally, including for example your form of address, name, address, e-mail address, IP address, etc. We only collect and process your personal data in compliance with the provisions of the EU General Data Protection Regulation (“GDPR”) and other provisions of European and applicable national data protection law.

Personal data are usually collected and used only with your consent or if processing of such data is permitted by law. The following provisions provide information about the type, scope and purpose of the collection and processing of your personal data.

In the event that we make use of the services of commissioned service providers for the purpose of providing specific functions for our offer or of our services or if we use your data for marketing or analysis purposes, we will also inform you in detail in the following about the action taken. We also provide information about the stipulated criteria for and the period of storage. We also inform you about your rights with regard to data processing.

This Data Privacy Policy relates exclusively to our MINIMAX website. If you click on links that take you from our pages to third-party websites, please consult those websites to find out how your data are handled by them.

2. Contact details

a) Name and address of the controller responsible for processing data

The party responsible for data protection within the meaning of the GDPR and under all other applicable EU data protection law (“controller”) is MINIMAX. If you have any questions, suggestions or criticisms relating to data protection in connection with our website, please contact:

Minimax GmbH
Industriestr. 10-12
23843 Bad Oldesloe, Germany
E-mail: webmaster@​minimax.​de

b) Name and address of the Data Privacy Officer

Any data subject can also contact our Data Privacy Officer directly at any time with any questions or suggestions. The Data Privacy Officer can be contacted at:

Minimax Viking GmbH
Data Privacy Officer

Industriestr. 10-12
23843 Bad Oldesloe, Germany
E-mail: Dataprivacy@​mx-​vk.​com

3. Notes on lawfulness and period of storage

a) Legal basis for the processing of personal data

Our processing of your personal data is lawful if you have given your consent as stipulated in Article 6(1) sentence 1 (a) GDPR.

Under Article 6(1) sentence 1 (b) GDPR, processing of your personal data is lawful if such processing is necessary for the performance of a contract with you or your company. This also applies to processing activities required to take steps prior to entering into a contract.

Under Article 6(1) sentence 1 (c) GDPR, processing of your personal data is lawful if such processing is necessary for compliance with one of our legal obligations.

Under Article 6(1) sentence 1 (d) GDPR, processing of your personal data is lawful if such processing is necessary in order to protect your vital interests or those of another natural person.

Under Article 6(1) sentence 1 (f) GDPR, processing of your personal data is lawful if such processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms.

b) Period of storage and erasure of data

In principle, the personal data we collect, process and store are stored by us only for as long as required for the specific purpose for which they are stored. Your data will be erased or their processing will be restricted as soon as the specific purpose for which they were stored no longer applies.

However, there may also be European regulations, applicable national legislation or other provisions that require the data we process to be stored longer. We will erase or restrict processing of your data when these periods of storage expire.

4. Your rights

For the purposes of the GDPR you are the “data subject” of any of your personal data which we process. As a data subject you have the following rights with regard to MINIMAX:

 a) Right of access by the data subject

You have the right under data protection law to obtain information from us concerning whether your personal data are being processed by us. If this is the case, you have the right to request information about the extent of such data processing.

 b) Right to rectification

You have a right to obtain from MINIMAX the rectification of inaccurate personal data concerning you and/or to have incomplete personal data completed.

 c) Right to restriction of processing

You have the right to have the processing of your personal data restricted where the necessary preconditions apply.

 d) Right to erasure (“right to be forgotten”)

In certain circumstances, you have the right to demand that MINIMAX erase personal data concerning you without undue delay. The right to erasure does not apply if data must be processed.

 e) Right to notification

If you have asserted your right to rectification, erasure or restriction to MINIMAX, MINIMAX must communicate any rectification or erasure of personal data or restriction of processing to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort.

 f) Right to data portability

You have the right to receive the personal data concerning you which you have provided to MINIMAX, in a structured, commonly used and machine-readable format. You also have the right in certain circumstances to transmit those data to another company without hindrance from MINIMAX to which the personal data have been provided.

 

g) Right to object

You have the right under Article 6(1) sentence 1 (f) GDPR to object at any time to the processing of personal data concerning you on grounds relating to your particular situation. MINIMAX may then no longer process the personal data relating to you unless MINIMAX demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or data are processed for the establishment, exercise or defence of legal claims.

We will obtain your consent in advance before undertaking any marketing measures relating to you. If the personal data relating to you are processed for the purposes of engaging in direct marketing, you have the right to object at any time to the processing of your personal data for such advertising purposes. You can inform us of your objection by contacting us at:

Minimax Viking GmbH
Industriestr. 10-12
23843 Bad Oldesloe, Germany
E-mail: Dataprivacy@​mx-​vk.​com

 h) Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.

5. Visitors to our website and creation of log files

Our system automatically collects data and information from your computer system every time you visit our MINIMAX website. The following data are then collected:

  • Information about the type of browser you are using
  • Information about the operating system you are using
  • Information about your Internet service provider
  • Your IP address
  • The date and time of your visit to our website
  • Information about the website from which your system has reached our website
  • Information about the website that was called by your system via our website.

The data which we collect on you are stored in our system’s log files. In general, these data are not stored together with other personal data of the user. One exception to this rule is the information collected by us about your browser settings. In connection with the geoinformation collected by the analytics tools we use, we use these data to display an appropriate country website (e.g. for France: minimax.com/fr/fr).

The legal basis for temporary storage of the data and log files is Article 6(1) sentence 1 (f) GDPR. We have a legitimate interest in collecting and temporarily storing the data referred to, as the IP address must be stored temporarily by the system in order to provide the website to your computer. For as long as you surf on our website, your IP address must be stored for the duration of the session.  

The data is stored in log files in order to ensure that the website functions properly. This information is also used to optimise our website and to guarantee the security of our information technology systems. Your log files are not analysed for marketing purposes.

The data will be erased or altered in a way that prevents them being associated with you as soon as they cease to be necessary for the purposes referred to here. Data which are stored in log files are erased after 7 days.

6. Contact form

a) Processing by MINIMAX

You can make contact with us by electronic means using the contact form on our website. If you make use of this option, the data entered in the input screen are sent to us and stored. In particular, the following data are recorded as part of that:

  • Your full name
  • Your company and the industry it operates in
  • Your address or that of your company
  • Your e-mail address
  • Optionally, your telephone number and fax number
  • Optionally, files you have uploaded along with personal data
  • The date and time when you contacted us are also stored.

The legal basis for processing your data is Article 6(1) sentence 1 (a), (b) or (f) GDPR. We only process any personal data which you enter in the input screen to deal with your request. The data are erased as soon as they are no longer required for the purpose for which they have been collected and provided that they are not subject to any legal archiving obligations. The conversation is ended when it can be inferred from the circumstances that the issue in question has been conclusively clarified.

You have the right to withdraw your consent to processing of your personal data, or object to further use of them to MINIMAX, at any time. That then means the conversation cannot be continued. All personal data stored as part of the contact are erased in this case, unless retention obligations under the law stand in the way or we are otherwise permitted by law to process the data.

Your IP address is also stored at the time the message is sent. These other personal data are processed when a message is sent and help prevent misuse of the contact form and ensure the security of our IT systems. The personal data additionally collected when a message is sent are erased after no later than 7 days. The data are used exclusively to process the conversation. The legal basis for processing the data is Article 6(1) sentence 1 (b) or (f) GDPR.

b) Transfer of data to affiliated undertakings

The data you enter in the input screen may be forwarded to MINIMAX’s affiliated undertakings if the content of your request – in terms of subject matter and particular region – is of relevance to the affiliated undertaking in question. However, MINIMAX also remains your first point of contact in this case and you can still exercise your rights towards MINIMAX.

MINIMAX may also forward these data to countries outside the European Economic Area. However, MINIMAX’s affiliated undertakings will take the steps necessary to ensure an adequate level of data protection. If MINIMAX transfers your data to the United States, for example, additional measures are taken where necessary, such as conclusion of EU-compliant data transmission agreements with the data importer.

By sending the contact form, you declare your consent to the data you entered in the contact form being forwarded to MINIMAX’s affiliated undertakings if the content of your request – in terms of subject matter and particular region – is of relevance to the affiliated undertaking in question. You can find more information on the affiliated undertakings here. You can withdraw your consent at any time by notifying MINIMAX. Withdrawal of consent does not affect the lawfulness of any processing conducted on the basis of the consent up to the point of withdrawal.

7. Newsletter (“Job Alert”)

On our website you can subscribe to a free newsletter (currently: “Job Alert” newsletter). If you do so, we inform you in the newsletter about the latest job advertisements you request. The data which you enter in the input screen when subscribing to the newsletter are transmitted to us. They are:

  • Your e-mail address

We need your e-mail address in order to send you the newsletter, as well as to identify you and check that you have given your consent. Any other information you provide is given voluntarily.

We use the double opt-in procedure when you subscribe to our newsletter. This means that, after you have subscribed, we will send an e-mail to the e-mail address given by you asking you to confirm that you wish to receive the newsletter. If you do not confirm your subscription, your information will be erased automatically after one month. After receiving your confirmation, we store your e-mail address and the other details for the purpose of sending the newsletter. The legal basis for that is Article 6(1) (a) GDPR.

We also store your IP addresses and the times of your subscription and confirmation. The purpose of this procedure is to demonstrate that you have subscribed and to clarify any possible misuse of your personal data. The legal basis for that is Article 6(1) (f) GDPR.

We erase your data as soon as you or we have ended the subscription for the newsletter. You can cancel the newsletter subscription at any time by withdrawing your consent with effect for the future. There is a link in every newsletter sent to you which you can simply click to unsubscribe. Alternatively you can send an e-mail to jobs@minimax.de or a message to the controller referred to above in this Data Privacy Policy.

8. Use of cookies and other technologies

a) Cookies and similar technologies

Cookies are small text files that are stored on your computer or mobile devices when you visit our Internet offering. We obtain various items of information by placing cookies.

In addition to cookies, some services use what are termed “LocalStorage entries”. A LocalStorage entry has a similar function to cookies, with the difference that information is stored in your browser’s cache in the case of LocalStorage. If services on our website use LocalStorage, we explicitly point that out in this Data Privacy Policy.

In addition, some services use what are termed “tracking pixels”.

Necessary cookies

Certain cookies are technically necessary to enable proper operation of our website and proper display of the content so that we can deliver our Internet offering to you. You cannot deselect these “necessary cookies” because our website cannot be offered without them.

Cookies and similar technologies for statistics and external content

We use cookies to record statistics on use of our website. You do not have to choose these cookies.

Cookies and similar technologies from external services are used to expand and optimise the functionality of our Internet offering and make it more convenient for you to use. You do not have to accept the cookies and similar technologies used for that; however, if you do not accept them, you cannot use the enhanced functions. You can also change your cookie settings in your browser. However, that might restrict the functions we offer on our website. The same applies to LocalStorage entries, which you can delete from your browser cache.

b) Objection / withdrawal of consent

Cookies will be stored on your computer. You can decide whether you want to erase the cookies from your computer at any time. You can change the settings in your browser to determine yourself whether the transmission of cookies from your computer to us should be disabled, restricted or whether the cookies should be completely erased. If you disable all the cookies from our website, you may no longer be able to use all the website functions in full.

You can also change your cookie settings directly on our website: If you have given your consent to cookies and other technologies, you can withdraw it at any time on our consent management platform by removing the check in question and clicking on the “Accept selection” button. The same applies if we use cookies and other technologies on the basis of our legitimate interests and you wish to object to their use.

Cookie-Consent-Management

 c) MATOMO (web tracking)

Data are collected and stored on this website, with your consent, using the web analytics service software Matomo (www.matomo.org), a service from the provider InnoCraft Ltd., 7 Waterloo Quay PO625, 6140 Wellington, New Zealand (“Matomo”) to enable statistical analyses of user behaviour for optimisation and marketing purposes in accordance with Article 6(1) (a) GDPR. Pseudonymised user profiles can be created from this data and analysed for the same purpose. Cookies are used for that. The cookies enable the Internet browser to be recognised, among other things. In relation to our career website (karriere.minimax.de), the data (including your pseudonymised IP address) collected using the Matomo technology are processed locally on servers of noris network AG, Thomas-Mann-Straße 16-20, 90471 Nuremberg, Germany, on behalf of our system provider REXX systems GmbH, Süderstr. 75-79, 20097 Hamburg, Germany.

The information generated by the cookie in the pseudonymous user profile is not used to identify the visitor to this website personally and is not combined with personal data of the bearer of the pseudonym.

You can withdraw your consent at any time with effect for the future by removing the check in the box “Statistics” in our cookie banner and then clicking on “Accept selection”.


d) Use of Google reCAPTCHA

MINIMAX uses the service reCAPTCHA from Google Ireland Ltd (“Google”) to protect the contact inquiries you submit using the contact form. Google can be reached at Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland. This query is used to differentiate whether an entry is made by a human or there is possible misuse resulting from data entered by an automated program (“bot”). As part of this query, your IP address and, if applicable, other data needed by Google for the reCAPTCHA service are also sent to Google. Your input is sent to Google for this purpose and may be used further there. However, MINIMAX uses IP anonymisation on this website, with the result that your IP address will be truncated by Google beforehand within the Member States of the European Union or in other countries that are party to the Agreement on the European Economic Area. The complete IP address is sent to a Google server in the USA and truncated there only in exceptional cases. Standard contractual clauses in accordance with Article 46 GDPR have been concluded as appropriate safeguards. You can find more information on this subject at: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu_de.

Google will use this information on behalf of MINIMAX solely to analyse your use of this service. The IP address sent from your browser as part of reCAPTCHA is not combined by Google with other data.

The use of reCAPTCHA is justified in accordance with Article 6(1) sentence 1 (a) GDPR provided you have given us your prior consent. You can withdraw that consent at any time with effect for the future in the way described above. We use reCAPTCHA to prevent misuse of our website. We will only process your data for as long as is necessary to fulfil the purpose for which they have been collected (in this case preventing misuse of our website).

You can find more information on Google’s Privacy Policy at: http://​www.​google.​com/​intl/​de/​policies/​privacy/.

e) Use of Google Maps

Google Maps API, a map service operated by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”), is sometimes used on the individual pages of our website. This enables us to display interactive maps directly on the website and make it convenient for you to use the map function.

When you visit a page on our website on which the map services are offered, Google is informed that you have called the subpage in question. In particular, the following data are also transmitted to Google:

  • Your IP address
  • The date and time of your request
  • The content of the request (specific page)
  • Data on your location
  • The website from which the request came
  • Your browser type
  • The operating system you are using and its user interface
  • The language setting and version of your browser software.

This is done irrespectively of whether Google offers a user account and you are logged in to this account or you do not have a user account. If you are logged in to Google, your data will be directly associated with your account. If you do not want Google to associate your actions with your profile, you must log out of your account before activating the button. Google stores your data as user profiles and uses them for the purposes of advertising, market research and/or designing its website to suit needs. Such an evaluation is conducted in particular (even for users who are not logged in) in order to present advertising tailored to the customer’s needs and to inform other users of the Google network about your activities on our website. You have the right to object to creation of these user profiles, but must contact Google directly in order to exercise this right.

In the case of this processing, our cooperation with Google is based on a joint controller agreement in accordance with Article 26 GDPR. You can find the agreement at: https://privacy.google.com/intl/de/businesses/mapscontrollerterms/ 

It is simple to disable the Google Maps service and so prevent data being transferred to Google by disabling JavaScript in your browser. However, we point out that you will not be able to display maps if you do so.

Google also processes your personal data in the USA and bases that on the standard contractual clauses of the European Commission; you can find more information on this subject at https://policies.google.com/privacy/frameworks?hl=de.

We use Google Maps API to be able to offer you a map function. The justification for that is Article 6(1) (a) GDPR provided you have given us your prior consent. You can withdraw your consent at any time with effect for the future. If you do so, you will no longer be able to use the Google Maps offering.

You can find more information on the purpose and scope of the collection and processing of data by Google in its Privacy Policy. That policy also provides you with further information on your rights concerning this issue and the settings that you can use to protect your privacy: https://policies.google.com/privacy?hl=de.

f) YouTube

Plug-ins from www.youtube.com, which is operated by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”), are integrated on our website.

We use embedded YouTube videos in privacy-enhanced mode. YouTube describes how it works as follows: “Privacy-enhanced mode allows you to embed YouTube videos without using cookies that track viewing behaviour. This means that no activity is collected to personalise the viewing experience. Instead, video recommendations are contextual and related to the current video. Videos playing in privacy-enhanced mode won’t influence the viewer’s browsing experience on YouTube.” Cookies are therefore placed by YouTube only if you actively enable playing of an embedded video. You can find more information on the subject at: https://support.google.com/youtube/answer/171780?hl=de.

If you call pages on our website which have a YouTube plug-in, a connection to YouTube’s servers is established and the plug-in is shown on the website by being transmitted to your browser. Information about which of our web pages you have visited is transmitted to the YouTube server as a result. If you are logged in as a member on YouTube, YouTube associates this information with your personal user accounts of these platforms. When these plug-ins are used, such as by clicking on or pressing the start button of a video or sending a comment, this information is associated with your YouTube user account, for example; you can prevent that only by logging out from your account before using the plug-in.

Google also processes your personal data in the USA and bases that on the standard contractual clauses of the European Commission; you can find more information on this subject at https://policies.google.com/privacy/frameworks?hl=de.

The legal basis for processing the data is your consent in accordance with Article 6(1) (a) GDPR. You can withdraw your consent at any time with effect for the future as described above.

You can find more information on collection and use of the data by the platform and plug-ins in YouTube’s Privacy Policy at: https://policies.google.com/privacy?hl=de.

g) Google Tag Manager

We use the tool Google Tag Manager, which is operated by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”), on our website.

Google Tag Manager is a solution that can be used to control the integration and analysis of services from third-party providers. The tool itself does not collect any personal data. Tag Manager does not access the data stored by the services of the third-party providers and does not itself store any user data (https://www.google.de/tagmanager/faq.html). The service also runs completely without cookies. Only non-personal data is processed that cannot enable identification of natural persons either directly or indirectly.

h) Google Analytics

Google Analytics, a web analytics service from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”), is used on this website.

The following types of data may be collected by the service: app updates, browser information, click path, date and time of the visit, device information, downloads, flash version, location information, JavaScript support, visited pages, purchasing activity, referrer URL, usage data, widget interactions, and IP address.

This service allows the use of our website to be analysed and uses cookies for that. To enable that, the information generated by the cookie, such as your anonymised IP address, is transferred to a Google server in the USA on our behalf, stored there and analysed. The code “gat._anonymizeIp();” is added to Google Analytics on this website, ensuring anonymised recording of IP addresses. Your IP address is usually anonymised by being truncated by Google Inc. within the European Union or in other countries which are parties to the agreement on the European Economic Area (EEA). In exceptional cases, your IP address is sent to and only then truncated on a Google server in the USA. Your IP address transmitted as part of that is not combined by Google with other data.

Data may be transferred to the USA; such transfer is safeguarded that standard data protection clauses in accordance with Article 46(2) (c) GDPR have been agreed.

As part of the configuration of Google Analytics, it has been ensured that Google receives these data as a processor. Google also uses the data for marketing purposes, for market research and/or to tailor its own offerings to suit needs. That may involve Google linking the data with other data of the user (such as search history, personal accounts, usage data from other devices, and all other data Google has on the user in question).

The recorded data are automatically erased in Google Analytics after 14 months. Data whose retention period has ended are erased automatically once a month.

The legal basis for processing the data is your consent in accordance with Article 6(1) (a) GDPR. You can withdraw your consent to use of Google Analytics at any time with effect for the future as described above in section 8. b).

You can find more information on the terms of service and data privacy at Google at http://www.google.com/analytics/terms/de.html and https://policies.google.com/?hl=de.

i) Facebook pixel

This website uses the “Facebook pixel” from the social network Facebook, which is operated by Facebook Inc., 1 Hacker Way, Menlo Park, CA 94025, USA, or, if you are resident in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”).

The following types of data can be collected as part of that: IP address (truncated), cookie ID, pixel ID, website usage data, information on the browsing session, page location, URL of the website visited by the user, further surfing behaviour (i.e. websites the user visits after this website), referrer URL (i.e. the URL from which the user reached this website), the user agent (e.g. browser, e-mail or newsreader), and the operating system.

The Facebook pixel is used for the following purposes:

Facebook Custom Audience (via pixel)

We use the Facebook pixel for remarketing purposes. The objective of that is to enable recognition of users who have already visited our websites on Facebook or other websites/apps operated by Facebook and to be able to display interest-based advertising or job advertisement to them during their visit. Our goal in doing that is to display advertising that appeals to you.

Facebook conversion

The pixel is also used to track the effectiveness of our Facebook ads for statistical and marketing purposes. That allows us to ascertain whether users have been forwarded to our website after clicking on a Facebook ad and have performed certain actions there, such as purchases (termed “conversion”).

Recipients:

As a result of the Facebook pixel, your browser automatically establishes a direct connection to the Facebook server as soon as you have given your consent. The Facebook pixel can store a cookie and pixel tags on your device. Integration of the Facebook pixel means Facebook is informed that you have called our website or clicked on one of our ads. If you have registered with a Facebook service, Facebook can associate your visit with your account. Even if you have not registered with Facebook or are not logged in, Facebook may be able to find out and store your IP address and other identifying features.

Data may be transferred to the USA; such transfer is safeguarded that standard data protection clauses in accordance with Article 46(2) (c) GDPR have been agreed.

Length of data storage: 3-12 months

The legal basis for processing the data is your consent in accordance with Article 6(1) (a) GDPR. You can withdraw your consent to use of the Facebook pixel at any time with effect for the future as described above in section 8. b).

Joint responsibility:

We and Facebook are joint controllers within the meaning of Article 26 GDPR as regards processing of these data. As part of that, we have concluded a joint controller agreement with Facebook, the provisions of which you can find at: https://www.facebook.com/legal/controller_addendum. This agreement defines the responsibilities of each party as regards complying with the obligations under the GDPR in relation to joint processing of the data. We have agreed with Facebook that Facebook can be contacted by data subjects wishing to exercise their rights as part of this joint responsibility. Irrespective of that, the responsibility for upholding the rights of data subjects is not restricted. You can find more information on how Facebook processes personal data, including the legal grounds Facebook bases that on, as well as ways to exercise your rights as a data subject towards Facebook, in Facebook’s Data Policy at: https://www.facebook.com/about/privacy. You can also find specific information and details on the Facebook pixel and how it works in the Facebook Help.

j) MyFonts

The service “MyFonts” from MyFonts Inc., 500 Unicorn Park Drive, Woburn, MA 01801, USA (hereinafter referred to as “MyFonts”) is used on this website. The service enables us to apply the font used on this website. Under the licensing terms, MyFonts records the number of times the font is displayed on the website and transfers the IP addresses to MyFonts for statistical purposes.

The data is transferred by JavaScript code being enabled in the user’s browser. The user can install a JavaScript blocker (such as www.noscript.net) to prevent execution of JavaScript code of MyFonts as a whole.

The legal basis for using this service is Article 6(1) (f) GDPR. Our legitimate interest in doing so is to make our website user-friendly and ensure its look matches our corporate design.

You can find more information on data protection and the cookies used online at: https://www.myfonts.com/legal/website-use-privacy-policy

9. Presence on third-party platforms

MINIMAX runs presences on third-party platforms whose operators process and store data of their users. MINIMAX unfortunately does not have any influence on their data privacy regulations and settings. We explicitly point out that the third-party platforms also use cookies with which they can track usage behaviour on other websites and apps of the group and on specific websites and in specific apps that integrate the technologies of the third-party platform in question. Information on the data collected and how they are used, the purposes for which they are stored, and how to request erasure of or information on them can be found in the privacy policy of the respective platform.

Facebook: 
https://​www.​facebook.​com/​policy

LinkedIn:
https://​privacy.​linkedin.​com/​de-​de

YouTube: 
https://​policies.​google.​com/​privacy?​hl=de

Instagram: 
https://​help.​instagram.​com/​519​5221​2510​7875
Kununu:
https://​privacy.​xing.​com/​de/​dat​ensc​hutz​erkl​aeru​ng?​sc_​o=cookie_​consent_​banner_​privacy_​policy_​click&​sc_​o_​Pro​pAct​ionO​rigi​n=coo​kie_​consent_​banner_​bottom

10. Data recipients

a) Principles

As a rule, we will only pass on your personal data in compliance with the applicable data protection laws to service providers, business partners, affiliated undertakings and other third parties.

We may disclose personal data to service providers working on our behalf and require them to perform services in our name (order processing). These service providers may be affiliated undertakings of MINIMAX or external service providers. In this context we comply with stringent applicable national and European data protection regulations. The service providers are subject to our instructions and to strict contractual restrictions with regard to the processing of personal data. Accordingly, data may only be processed if this is necessary for the performance of services in our name or in order to comply with legal requirements. The rights and obligations of our service providers in relation to personal data are stipulated by us precisely and in advance.

We may disclose personal data to a third party if we are required to do so by law or in legal proceedings or in order to supply and manage our products and services. We may also be required to provide information to law enforcement agencies or other public authorities. We are also authorised to release data if the disclosure of information is necessary for the purposes of collaboration and thus of providing MINIMAX services to you or if you declare your consent to such disclosure. Disclosure can also rarely be avoided in the course of tax audits.

b) Forwarding of your data to MINIMAX’s affiliated undertakings

Your data may also be forwarded to MINIMAX group companies so that your request can be processed. You can find a list of the MINIMAX group companies at this link

All MINIMAX group companies are obligated by MINIMAX to comply with the provisions of the GDPR (order processing).

Your data are transmitted after you have given your consent by checking the relevant checkbox. The legal basis for using your data is Article 6(1) sentence 1 (a) GDPR if you have given your separate consent to this.

You can withdraw this consent at any time by contacting MINIMAX. Withdrawal of your consent is valid only with effect for the future.

Your data are erased as soon as they are no longer required for the purpose for which they have been collected.

c) Web hosting

Our website and thus your data are hosted by Amazon Web Services EMEA SARL, 38 avenue John F. Kennedy, 1855 Luxembourg (hereinafter referred to as “Amazon”). Amazon may only use the data in accordance with our instructions (order processing). Amazon also adopts stringent technical measures to protect your personal data. Amazon does not pass on your personal data to third parties unless this is necessary in order to perform the agreed services or if Amazon is required to do so by law or to comply with a valid and mandatory instruction issued by a government or regulatory authority. The data transferred as part of this are confined to the absolute minimum.

It has been agreed with Amazon that the data will be stored on servers in the EU. If, in exceptional cases, Amazon also transfers the data to countries outside the European Economic Area, however, Amazon will take the necessary steps to ensure an adequate level of data protection. If Amazon sends your data to the United States, for example, additional measures are taken, such as concluding EU-compliant data transmission agreements with the data importer. 

The legal basis for processing your data is Article 6(1) sentence 1 (f) GDPR. The purpose of processing the data is for Amazon to enable us to use Amazon servers. We only store the data for as long as is necessary to achieve this purpose.

You can find more information on data protection at Amazon at: https://​aws.​amazon.​com/​de/​compliance/​eu-​data-​protection/.

d) Technical support for and implementation of the website

We cooperate with the external service provider Kreios S.à.r.l. (“Kreios”) for providing technical support for and implementing the website. Kreios is based at Rue du Cimetière 23, 5214 Sandweiler, Luxembourg. Kreios may only use the data in accordance with our instructions (order processing). In this context we comply with stringent applicable national and European data protection regulations. Kreios is subject to our instructions and to strict contractual restrictions with regard to the processing of personal data. Accordingly, data may only be processed if this is necessary for the performance of services in our name or in order to comply with legal requirements. The rights and obligations of Kreios in relation to personal data are stipulated by us precisely and in advance. Kreios also adopts stringent technical measures to protect your personal data. Kreios does not pass on your personal data to third parties unless this is necessary in order to perform the agreed services or if Kreios is required to do so by law or to comply with a valid and mandatory instruction issued by a government or regulatory authority. The data transferred as part of this are confined to the absolute minimum.

The legal basis for processing your data is Article 6(1) sentence 1 (f) GDPR. The purpose of processing the data is for Kreios to implement our website and continuously maintain it. We only store your data for as long as is necessary to achieve the respective purpose.

You can find more information on data protection at Kreios at: http://​kreios.​lu/ 

11. Security standards

MINIMAX has implemented appropriate physical, technical and administrative security standards to prevent personal data being lost, misused, changed or destroyed. Our service providers and affiliated undertakings are contractually obligated to ensure that personal data are kept confidential. In addition, they are not allowed to use the data for purposes for which we have not given our approval.

12. Changes to this policy

We may update this Data Privacy Policy from time to time. We therefore recommend that you regularly read this Data Privacy Policy to ensure that you are familiar with our data protection practices. This Data Privacy Policy was last updated on 20 January 2021.