Data Privacy

Welcome to our website and thank you for your interest in our company. We take the protection of your personal data very seriously. We process your personal data in compliance with the applicable statutes and regulations regarding the protection of personal data, in particular the EU General Data Protection Regulation (EU GDPR) and the country-specific implementing legislation. This data privacy statement contains all you need to know about the processing of your personal data by mayer-digital GmbH & Co. KG and the rights to which you are entitled.
Personal data is defined as data that enables the identification of a natural person. It includes, in particular, name, date of birth, address, telephone number, e-mail address and IP address.
Data is said to be anonymous if it cannot be assigned to a particular user.

mayer-digital GmbH & Co. KG
Wannenäckerstraße 65
74078 Heilbronn
Telephone: 07131 / 728 120
Fax: 0 7131 / 728 239
E-mail: srvcwndrhbcm

Contact information for data protection officer:
dtnschtzmk-ncm

Our website only uses cookies which are technically necessary. These cookies make our web services more secure, effective and user-friendly and are essential when it comes to operating the website and making sure it remains functional. Cookies are small text files that are sent to your terminal device and stored there. The legal basis for the storage of cookies is our legitimate interest in the operation of our website (Art. 6(1), sentence 1, lit. f EU GDPR). We also use cookies without your consent provided their sole purpose is for storing and accessing information on your terminal device in order to send a message, or if they are essential for the rendering of any service you have expressly requested (§ 25(2) TTDSG [Telecommunications and Telemedia Data Protection Act]).
We only use our own cookies.
The session cookies used are only valid for one browser session. They are deleted when the browser window is closed. These cookies are used solely for purposes of website management (e.g. remembering which menu items have been opened).
Most web browsers accept cookies automatically. You can, of course, deactivate, restrict or even delete the cookies on your terminal device by changing your browser settings accordingly or using appropriate software.

To begin with, we would like to inform you of your rights as a data subject. These rights are regulated in Art. 15-22 EU GDPR. They include:
• the right of access (Art. 15 EU GDPR),
• the right to erasure (Art. 17 EU GDPR),
• the right to rectification (Art. 16 EU GDPR),
• the right to data portability (Art. 20 EU GDPR),
• the right to restriction of data processing (Art. 18 EU GDPR),
• the right to object to data processing (Art. 21 EU GDPR).
Please contact dtnschtzmk-ncm if you wish to exercise any of these rights. The same applies if you have any questions about how our company processes data. You also have the right to lodge a complaint with a data protection supervisory authority.

Please note the following with regard to rights to object:
If we are processing your personal data for purposes of direct marketing, you have the right to object to this form of data processing at any time without giving any reasons. The same applies to any profiling carried out in connection with our direct marketing activities.
Once we receive your objection, we will cease processing your personal data for these purposes. You can lodge an objection informally and free of charge, preferably by sending an e-mail to: dtnschtzmk-ncm.
If we process your data to protect our legitimate interests, you may object to this processing at any time for reasons arising from your specific situation; the same applies to any profiling based on these provisions.
We will cease processing your personal data as soon as we receive your objection unless we can demonstrate compulsory grounds for the processing that are worthy of protection and outweigh your interests, rights, and freedoms, or unless the processing is necessary to assert, exercise or defend legal claims.

Your personal data is processed in compliance with the provisions set out in the EU GDPR, the German Data Protection Act (BDSG) (new), and all other applicable data protection legislation. The legal bases for the processing of your data are defined first and foremost in Art. 6 EU GDPR.
We use your data to initiate business transactions, to fulfil legal and contractual obligations, to execute contracts, to offer products and services, and to strengthen our customer relations. These activities may also encompass direct marketing and the performance of analyses for marketing purposes.
Your consent also constitutes a granting of permission within the meaning of data protection law. In these situations, we inform you of the purposes of the data processing and your right to object. If your consent is also required for the processing of special categories of personal data, we will expressly call your attention to this when we request it.
Special categories of personal data within the meaning of Art. 9(1) EU GDPR are only processed if this is required by law and if there is no reason to assume that the processing is outweighed by your legitimate interest in excluding the data from processing.

We will only transfer your data to third parties if this falls within the framework of the law or if you consent to us doing so. Otherwise, your data will not be transferred to any third party unless mandatory provisions of law oblige us to do so (transfer to external bodies such as supervisory authorities or law enforcement agencies).

We ensure that your data is only made available to those persons within our company who require it in order to fulfil our contractual and statutory obligations.
In many cases, we engage service providers to support our specialist departments in the performance of their tasks. The necessary data protection agreements have been concluded with all these service providers. Most of the service providers contracted by our company are printers, print processors, logistic experts, paper manufacturers and credit insurers.

We take appropriate technical and organisational security measures to protect the stored data as effectively as possible from accidental or intentional manipulation, loss, destruction or unauthorised access. Security levels are continually reviewed and adapted to new security standards in cooperation with security experts.
Data sent to and from our website is encrypted before transmission. We offer HTTPS as the transmission protocol for our web presence, using the current encryption protocols in each case. You also have the option of using alternative communication channels (e.g. postal mail).

Data is only transferred to third countries (outside the European Union or the European Economic Area) if this is necessary for executing the contract, if it is required by law, or if you have consented to us doing so (Art. 49(1), sentence 1, lit. a EU GDPR). In cases like these, you will be informed separately of the associated risks when we request your consent.

Furthermore, please note that your data may be processed outside the European Union. Appropriate contractual regulations and guarantees have been put in place to ensure that European data protection standards are adhered to when data is transferred to and processed in third countries. Data may also be processed and/or stored in third countries on the basis of your consent (Art. 49(1), sentence 1, lit. a GDPR). In cases like these, you will be informed separately of this, and of the option to object, when your consent is requested.

We will store your data for as long as it is needed for the respective processing purpose. Please note that there are a number of statutory retention periods which require that your data may (have to) be stored for longer. This applies in particular to retention periods under commercial and tax law (e.g. the German Commercial Code, German Fiscal Code, etc.). Data is routinely erased when it is no longer needed except in cases where we are obliged to keep the data on file for longer. We may also retain your data if you have given us your permission to do so, or if legal disputes arise and your data is needed as evidence within the framework of statutory limitation periods, which may amount to up to thirty years; the regular limitation period is three years.

Various types of personal data are required to establish, implement and terminate the contract and to fulfil the associated contractual and statutory obligations. The same applies to the use of our website and the various functions it offers.
We have summarised the relevant details above. In certain cases, data may also have to be collected or made available for legal reasons. Please note that we cannot deal with your request or execute the underlying contract unless this data is provided.

The data we process is determined by the respective context. It depends for example on whether you are placing an order online, entering an enquiry in our contact form, sending us an application, or making a complaint.
Please note that we may also provide information regarding specific processing situations in the appropriate places, e.g. when you upload application documents or send us a contact request.
When you visit our website, we collect and process the following data:
The IP address assigned and log files generated by your internet service provider. This data is stored for technical security reasons (in particular to prevent attacks on our web server) in accordance with Art. 6(1), sentence 1, lit. f EU GDPR. The data is stored for seven days, while the access log files are stored for 14 days.

Our website contains a contact form that you can use to get in touch with us electronically. If you use the contact form to write to us, we will process the data you enter into the contact form to contact you and respond to your queries and requests.
In compliance with the principle of data minimisation and data avoidance, you are only required to provide the data that is essential to us for establishing personalised contact with you. This consists of your e-mail address, your name, the subject field and the message itself. We also process your IP address out of technical necessity and for purposes of legal protection. All other data fields are optional, and you may choose whether to enter your information into them (e.g. so that we can answer your questions more individually).
If you contact us by e-mail, we will process the personal data you disclose in your mail solely for the purpose of responding to your query. If you do not contact us using the forms provided, no other data will be collected.

When you send us a contact request, we collect and process the following data:

• Surname, first name
• Company name
• Contact data (address, telephone number and email address)
• Message

We embed external fonts (Google Fonts) into the e-mails sent in response to contact requests (confirmation e-mails). Google Fonts is a service provided by Google Inc. ("Google"). These fonts are embedded by accessing a server, usually a Google server in the USA. During this process, Google stores the IP address of the terminal device used to access the e-mail. Further information is provided in Google’s data privacy policy, which you can view here:

https://fonts.google.com/knowledge
www.google.com/policies/privacy/

We use Google Fonts in the interest of presenting our mails in a uniform and appealing manner. This is a legitimate interest within the meaning of Art. 6(1), sentence 1, lit. f GDPR.
Google processes and stores your data in the USA. Google is contractually bound to comply with EU data protection standards and guarantee the level of data protection required in the EU. Data may also be processed and/or stored in third countries on the basis of your consent (Art. 49(1), sentence 1, lit. a GDPR). In cases like these, you will be informed of this separately when your consent is requested.

This website uses the service of Matomo in order to analyze the usage of our website and regularly enhance our services. Using those statistics allow us to enhance our offering and make it more interesting for you as a user. Legal base for the use of Matomo is your consent according to Art. 6 para. 1 lit. a) GDPR.
Your consent can be revoked at any time with effect for the future. In order to do so, just toggle our consent-management by clicking on the fingerprint-button at the bottom left and revoke your consent. Please mind that such adjustments are to be made separately for each device.

The data is stored for 180 days. 

This website uses Matomo with the expansion „AnonymizeIP“. Therefore, IP-addresses are cut before further processing, so they cannot be linked to a specific person. The IP-address that is being transferred by your browser will not be combined with other data collected by us. Furthermore, Matomo does not use any cookies.

Matomo is an open-source-project. You can find privacy-information of the service provider at https://matomo.org/privacy-policy/.

Our website uses the reCAPTCHA service provided by the company Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). This tool enables us to determine whether input on our website was provided by a human or entered improperly by automated machine-based processing. It does so by loading image files and other matching and security mechanisms from Google servers. This provides Google with information about your activities on the web page in which reCAPTCHA is embedded. Your ID address and any other data required by Google for the reCAPTCHA service is transferred to Google on the basis of our legitimate interest in establishing personal responsibility in the internet and preventing spam and improper use (Art. 6(1), sentence 1, lit. f GDPR).
Google processes your data in a third country, i.e. the USA. Appropriate contractual regulations and guarantees have been put in place to ensure that European data protection standards are adhered to when data is transferred to and processed in third countries. Data may also be processed and/or stored in third countries on the basis of your consent (Art. 49(1), sentence 1, lit. a GDPR).
Data processing in connection with Google reCAPTCHA involves the use of Google fonts which – like the reCAPTCHA content – are loaded from Google’s external servers. Connection and traffic data (e.g. your IP address) are transmitted to these external servers during the process. This data is processed solely for the purpose of executing Google reCAPTCHA in the form described here.
You may withdraw your consent to the transfer of your data to the USA at any time with future effect. Please note that you must withdraw your consent separately for each terminal device.
Further information about Google data privacy guidelines is available at https://www.google.com/intl/wh-de/policies/privacy/.

Our website uses the LinkedIn Insight Tag provided by LinkedIn Ireland Unlimited Company (Wilton Place, Dublin 2, Ireland). The legal basis for this is your consent (Art. 6(1), sentence 1, lit. a GDPR and §25(1) TTDSG).

Visitors to this website who consent to the use of the tag can then be shown personalised advertisements on LinkedIn. It is also possible to generate ad performance reports and information on web page interaction. The LinkedIn Insight Tag is embedded on this website for this purpose and establishes a connection with the LinkedIn server. If you visit this website while you are logged into your LinkedIn account, the data generated by your visit to our website can be associated with your LinkedIn account.

This process serves to evaluate the effectiveness of LinkedIn ads for statistical and market research purposes and may help optimise future advertising measures. The Insight Tag enables us to implement a process known as “retargeting”. This means we receive information as to whether our advertising is effective and matches the interests of our users. It also allows us to display targeted advertising outside our own website without personally identifying you as a website visitor. We do not analyse the browsing behaviour of individual users.

We use the LinkedIn tag solely to determine whether users come to our website from LinkedIn.

We have no control over the storage and processing of your data by LinkedIn. LinkedIn uses the data for its own advertising purposes.

The LinkedIn Insight Tag also collects the following data in connection with your use of our website: sphere of activity, job description, company, industry, career level, company size, location, state/region and country. This enables LinkedIn to assign your data to a specific profile, where it can then display suitable ads.

We base our collection of your data on your consent pursuant to Art. 6(1), sentence 1, lit. a GDPR, §25(1) TTDSG).

You can withdraw your consent at any time with future effect. To do this, just click on our consent banner and select the corresponding settings. Please note that changes to consent banner settings must be made separately for each terminal device.

If you withdraw your consent, your data will no longer be processed for this purpose. The data will then be erased provided there are no statutory retention periods that prevent us from doing so. Unless you withdraw your consent, the data will be stored for 180 days. The data will then be erased automatically.

In some cases, LinkedIn also processes data in third countries outside the EU/EEA, e.g. the USA. Appropriate contractual regulations and guarantees have been put in place to ensure that European data protection standards are adhered to when data is transferred to and processed in third countries. Data may also be processed and/or stored in third countries on the basis of your consent (Art. 49(1), sentence 1, lit. a GDPR).In cases like these, you will be informed separately of this, and of the option to object, when your consent is requested.

If you wish to prevent your data from being assigned to your LinkedIn account – even if you have given us your consent – you must log out from your LinkedIn account before accessing those of our web pages that connect to LinkedIn. Please note that you must do this separately on each terminal device. Please contact LinkedIn directly if you have any questions about the processing of your data by LinkedIn.

If you are logged in to LinkedIn, you can also prevent your data from being collected by clicking on the following:
https://www.linkedin.com/psettings/enhanced-advertising

Further information about data privacy at LinkedIn is available at:
https://www.linkedin.com/legal/privacy-policy

We do not use purely automated processing workflows to make decisions.

Our website also contains clearly identifiable links to the websites of other companies. We have no control over the content of web pages linked from our website. We can therefore accept no responsibility or liability for this content. The provider or operator of the respective website is invariably responsible for that website’s content.
The linked pages were reviewed for potential and identifiable legal violations at the time the link was created. No illegal content was identifiable at that time. However, we cannot be reasonably expected to continually review the linked pages with no concrete indication that they may contain illegal content. Links of this type will be removed immediately if we become aware of any violations of the law.

Our website contains links to the social media services provided by Facebook, LinkedIn and Instagram. Links to social media websites are identified by the respective corporate logo. If you click on these links, you will reach mayer-digital GmbH & Co. KG’s corporate presence with the brand WUNDERHUB on the respective social media service. Clicking a link to a social media service establishes a connection with that service’s servers. These servers are then informed that you have visited our website. Other data is also transferred to the provider of the social media service. This may include:

• Address of the web page on which the activated link has been inserted
• Date and time at which the web page was accessed and the link activated
• Information about the browser and operating system used
• IP address

If you are already logged into the respective social media service when you activate the link, the provider of that service may be able to determine your user name and possibly even your real name from the data transferred and could then associate it with your personal user account. You can prevent this data from being associated with your personal account by logging out of your account beforehand.

The servers used by these social media services are located in the USA and other countries outside the European Union. This means that the provider of the respective social media service may also process your data in countries that are not members of the European Union. Please note that companies in these countries are subject to data protection legislation that may not afford personal data the same degree of protection as that required in the European Union member states.

Moreover, please be aware that we have no control over the scope, nature and purpose of the data processing activities performed by the provider of the respective social media service. You will find further information about how your data is used by the social media services embedded in our website in the respective service’s data privacy guideline.

mayer-digital GmbH & Co. KG maintains various social media pages for the brand WUNDERHUB. These are mainly found on Facebook, Instagram and LinkedIn. Insofar as we are able to control the processing of your data, we make sure that the applicable data protection regulations are complied with.
See below for the most important information about data privacy law as it relates to our social media presence.

Names and addresses of the parties responsible for operations
Besides mayer-digital GmbH & Co. KG, the parties responsible for each corporate presence within the meaning of the EU General Data Protection Act (EU GDPR) are:
• Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
• Instagram (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
• LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland)
However, you use these platforms and their functions on your own responsibility. This applies in particular to the use of interactive functions (e.g. comments, shares, ratings).
Furthermore, please note that user data may be processed outside the European Union. This could constitute a risk, e.g. because it could be more difficult for users to assert their rights. Providers who process or store data in third countries are contractually bound to adhere to the data protection standards enforced in the EU. Data may also be processed and/or stored in third countries on the basis of your consent (Art. 49(1), sentence 1, lit. a GDPR). In cases like these, you will be informed of this separately when your consent is requested.
We maintain the fan pages ourselves so that we can communicate with visitors and use this channel to inform them about our services.
We also collect data for statistical purposes so that we can develop and optimise our content and make our pages more appealing. The social media networks process the necessary data (e.g. the total number of page views, page activities, data provided by visitors, interactions) and place it at our disposal. We have no control over how it is generated and presented.
Providers of social media services also process your personal data for advertising and market research purposes. They may for example create usage profiles based on your user behaviour and the interests it reveals. These profiles can be used both in and outside the networks to display ads that match your interests. Cookies are usually stored on your computer for this purpose. However, data that was not collected directly from your terminal device can also be stored in your usage profiles. Data is also stored and analysed between multiple devices, in particular but not exclusively if you are registered as a member and have logged in to the respective platform. Otherwise, we do not collect or process any personal data in this context.
mayer-digital GmbH & Co. KG processes your personal data on the basis of our legitimate interest in efficient information and communication pursuant to Art. 6(1), sentence 1, lit. f EU GDPR.
If you are asked to consent to the processing of your data, i.e. if you declare your consent by clicking a button or similar (opt-in), the legal basis for the processing is Art. 6(1), sentence 1, lit. a., Art. 7 EU GDPR.

Your rights / right to object
If you are a member of a social media network and do not want the network to collect your data through our page and link it with your membership data, you must
• log out of the respective network before you access our fan page,
• delete the cookies on your device, and
• close and restart your browser.
Please note that this process must be carried out separately on each terminal device.
However, if you log back in, the network will again be able to identify you as a specific user.
Please refer to the following links for detailed information regarding the different types of processing and the options available for opting out:
• Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) – privacy policy: https://www.facebook.com/about/privacy/
Opt-out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com
• Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA) – privacy policy/ opt-out: http://instagram.com/about/legal/privacy
• LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland) – privacy policy https://www.linkedin.com/legal/privacy-policy ,
Opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
In all, you have the following rights regarding the processing of your personal data:
• the right of access (Art. 15 EU GDPR),
• the right to erasure (Art. 17 EU GDPR),
• the right to rectification (Art. 16 EU GDPR),
• the right to data portability (Art. 20 EU GDPR),
• the right to restriction of data processing (Art. 18 EU GDPR),
• the right to object to data processing (Art. 21 EU GDPR).
You also have the right to lodge a complaint with a data protection supervisory authority.
However, since the company mayer-digital GmbH & Co. KG does not have full access to your personal data, you should contact the social media provider directly when exercising this right. These providers can access their users’ personal data and are thus able to provide relevant information and take appropriate measures.
We will of course try to support you if you still require assistance. Please contact dtnschtzmk-ncm

mayer-digital GmbH & Co. KG is interested in maintaining a customer relationship with you and sending you information and offers relating to our products / services. This means we process your data in order to send you relevant information and offers by e-mail or postal mail.
If you do not wish us to do this, you can object to the use of your personal data for direct marketing purposes at any time; the same applies to any profiling associated with this direct marketing. If you lodge an objection, we will cease processing your data for this purpose.
You can send us your objection informally and free of charge without giving any reasons. We would prefer it if you did so by calling us on +49 7131 728 238, sending an e-mail to dtnschtzmk-ncm or writing to us at mayer-digital GmbH & Co. KG, Datenschutz [Data Protection], Wannenäckerstraße 65, 74078 Heilbronn.