PRIVACY NOTICE FOR THE WEBSITE WWW.MMS-RETAILMEDIA.COM
The following Privacy Notice informs you about how we process your personal data. In doing so, we comply with the provisions of German data protection law and the requirements of the European General Data Protection Regulation (GDPR).
The responsible data controller for the website www.mms-retailmedia.com :
Media-Saturn Marketing GmbH,
Maria-Probst-Strasse 9, 80939 Munich
Managing Directors: Torsten Ahlers, Boris Prondzinski
DATA PROTECTION OFFICER
If you have any Privacy questions or if you wish to exercise the rights to which you are entitled the GDPR, a simple message to our Protection Officer will suffice. You can use the following contact details for this purpose:
MediaMarktSaturn Retail Group GmbH
– Datenschutz –
By e-mail: firstname.lastname@example.org
For your own protection, we reserve the right, to obtain further information necessary to confirm your identity and, if identification is not possible, to refuse to process the request.
PURPOSES AND LEGAL BASES OF DATA PROCESSING
We process your personal data for the following purposes: –
– Statistical evaluations, abuse prevention, and enforcement of legal claims.
– Cookies and other technologies
In detail, this includes:
When you contact us by phone, e-mail or via a contact form, the data you provide will be processed by us to the extent necessary to answer your questions. The contact is logged in order to comply with legal requirements.
The legal basis is Art. 6 para. 1 lit. b, c GDPR.
b) Statistical evaluations, prevention of abuse and enforcement of legal claims
We also process your data to generate statistics to improve our products and services. In this processing, your data is pseudonymized and not evaluated on an individual customer basis or used to predict your personal preferences.
However, the processing of your data may also be necessary, for example, to ensure IT security and IT operations or to prevent and investigate crimes and cases of abuse, in particular through data analysis.
Finally, we process your personal data insofar as we are legally obligated to do so, for example due to official orders or court orders and rights as well as for legal defense.
The legal basis for this is Art. 6 para. 1 lit. f GDPR or Art. 6 para. 1 lit. c GDPR.
c) Cookies and other technologies
RECIPIENTS OF YOUR PERSONAL DATA
When passing on your personal data, we always ensure the highest possible level of security. Therefore, your data will only be passed on to affiliated companies and, if necessary, to carefully selected and contractually obligated service providers and contract and cooperation partners.
a) Affiliated companies
The companies affiliated with us (§§ 15 ff. AktG) receive your data so that we can provide you with all services and offers.
The legal basis is Art. 6 para. 1 lit. b DSGVO or Art. 6 para. 1 lit. f GDPR.
b) Third-party service providers and processors
In order to fulfill our contractual and legal obligations, we also use external service providers. Your data may be passed on to independently responsible third-party service providers or to order processors within the meaning of Art. 28 GDPR, e.g. to ensure our IT operations and to send our newsletter. Insofar as these companies act for us by way of commissioned processing, they may process the personal data provided exclusively in accordance with our instructions and for the purposes specified by us, Art. 28 GDPR. Regarding any data processing outside the EU, please refer to the next section: DATA TRANSFER TO THIRD COUNTRIES.
c) Other third parties
We will only disclose your data to third parties or government agencies within the framework of existing data protection laws if we are legally obligated to do so. due to official order or court order or if we are entitled to do so, e.g.when this is necessary for the prosecution of criminal offenses or for the exercise and enforcement of our rights and claims.
The legal basis is Art. 6 para. 1 lit. c and lit. f GDPR.
DATA TRANSFER TO THIRD COUNTRIES
We make a point of processing your data within the EU. However, it may happen that we use service providers who process data outside the EU (“Third Countries”) in the context of administration, development and operation of IT systems as well as marketing and customer communication. In these Third Countries, despite careful selection and commitment of the service providers, the high European level of data protection cannot necessarily be guaranteed. If data is transferred to the U.S., there is a risk, for example, that this data may be processed by U.S. authorities for control and monitoring purposes without effective legal remedies being available or all data subject rights being enforceable.
If we use service providers in third countries, we take additional measures to ensure a sufficient level of data protection when transferring personal data pursuant to Art. 44 et seq. DSGVO and thus ensure that the transfer is generally permissible and that the special requirements for a transfer to a Third Country are met (e.g. by concluding EU Standard Contractual Clauses and additional guarantees, supplementary technical and organizational measures such as encryption or anonymization).
We process and store your personal data only for the period required to fulfill the respective processing purpose or if this has been provided for in laws or regulations. After discontinuation or fulfillment of the purpose, your personal data will be deleted or blocked. In the case of blocking, deletion will take place as soon as legal or contractual retention periods do not conflict with this.
We hereby inform you about the rights you have concerning the processing of your personal data. You have the right
– to be informed by us about your personal data we’re processing (right of access by the data subject) (Art. 15 GDPR).
– to rectification (Art. 16 GDPR).
– to erasure (‘right to be forgotten’) (Art. 17 GDPR).
– to restriction of processing (Art. 18 GDPR).
– to data portability (Art. 20 GDPR).
– to object to the data processing (Art. 21 GDPR) If your personal data is processed on the basis of legitimate interest pursuant to Art. 6 par. 1 lit. f GDPR, you have the right to object to the processing at any time pursuant to Art. 21 GDPR.
– withdraw your consent (Art. 7 par. 3 GDPR) If your personal data is processed on the basis of consent, the withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
If you wish to exercise your rights, a simple message to our Data Protection Officer will suffice:
MediaMarktSaturn Retail Group GmbH
– Datenschutz –
For your own protection, we reserve the right , to obtain further information necessary to confirm your identity and, if identification is not possible, to refuse to process the request.
If you assume that the processing of personal data concerning you violates the GDPR , you also have the right to lodge a complaint with the supervisory authority responsible for us , acc. to Art. 77 GDPR.
The responsible supervisory authority is:
Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
LINKS TO OTHER WEBSITES
Our website may contain links to third party websites. We are not responsible for the data processing on those external, third party websites. Please inform yourself on the respective websites about their privacy notice.
In order to ensure that our Privacy Notice always complies with the current legal requirements, we reserve the right to make changes at any time. This also applies to the case that the Privacy Notice has to be adapted due to new or revised offers or services.