Protecting your privacy is very important to us. The legal standards require comprehensive transparency regarding the processing of personal data. Only if the processing is comprehensible to you as the data subject, you are sufficiently informed about the meaning, purpose and scope of the data processing. Below we therefore inform you in detail about the way your data is handled when using this website and your rights regarding your personal data.
Should you have any further questions regarding data protection, please do not hesitate to contact us by e-mail at firstname.lastname@example.org.
1. Name and Address of the controller
Controller for the purposes of the GDPR (in particular pursuant to Art. 4 (7) GDPR), other data protection laws applicable in member states of the European Union and other provisions related to data protection is:
mm sports GmbH
Gregor Lentze, Stefan Schuster
2. Data Protection Officer (DPO)
You can contact the Data Protection Officer (DPO) at:
Simon Karlin, LL.M.
Lentze Stopper Rechtsanwälte PartGmbB
3. General information on data processing
We process personal data only to the extent permitted by law. Personal data will only be disclosed in the cases described below. Personal data will be deleted or protected by technical measures (e.g. anonymisation) as soon as the purpose of processing ceases to apply. This also applies when a prescribed storage period expires, unless there is a need for further storage of personal data for another storage purpose. Unless we are legally obliged to store or disclose your personal data to third parties (in particular law enforcement authorities), the decision which personal data we process depends on which functions of the website you use in individual cases.
Please note that links on our website may take you to other websites which are not operated by us but by third parties. Such links are either clearly marked by us or are recognizable by a change in the address line of your browser. We are not responsible for compliance with data protection regulations and safe handling of your personal data on these websites operated by third parties.
4. Processing during the use of the website
When you visit our website, the browser on your device automatically sends information to the server on our website. This information is temporarily stored in a so-called log file. The following information is recorded and stored until it is automatically deleted:
- shortened by the last octet IP address of the requesting computer,
- date and time of access,
- the name and URL of the retrieved file,
- the website from which access is made (referrer URL),
- the browser used and, if applicable, the operating system of your computer as well as
- the name of your access provider.
The mentioned data will be processed by us for the following purposes:
- Ensuring smooth connection of the website,
- ensuring comfortable use of our website,
- checking and guaranteeing system security and stability as well as
- for other administrative purposes.
The legal basis for data processing is Art. 6 (1) (1) (f) GDPR. Our legitimate interest follows from the aforementioned purposes of data collection. Under no circumstances do we use the data collected for the purpose of drawing conclusions about your person. We delete this data after three months. We do not combine this personal data with other data sources. Disclosure only takes place if it is necessary for the operation of our website, e.g. by storing it with our host provider. A transfer to a third country or to an international organization is not intended.
5. Processing by using individual services via our website
Various services are available on our website, where we collect personal data from you if you decide to use them.
Contact form / Contact us by e-mail
If you use the contact form on our website or send us an e-mail, we will process the personal data you provide us. This information is transmitted by your browser or e-mail client and processed in our IT systems. The processing of this personal data is necessary to answer your request. In addition, your IP address and the date and time of the contact request will be stored.
The processing of your personal data serves to answer your request and to prevent abuse of the contact form and to guarantee the security of our IT systems. These processing operations are lawful because the reply to your request and the protection of our IT systems represent legitimate interests within the meaning of Art. 6 (1) (1) (f) GDPR. If a contract is concluded after you have contacted us, the processing is also legal pursuant to Art. 6 (1) (1) (b) GDPR.
The personal data will be processed as long as necessary to respond to your request. Should your request lead to a later conclusion of the contract, processing will take place as long as this is necessary to carry out pre-contractual measures or to fulfil the contract. If no contract is concluded, the personal data is routinely deleted at least every 6 months. We do not merge your personal data with other data sources. Your personal data will not be disclosed to third parties. A transfer to a third country or to an international organization is not intended. You are not obliged to provide your personal data, but it is not possible to use the contact form or send an e-mail without providing it.
6. Data transmission
Your personal data will not be transmitted to third parties for purposes other than those listed below. We will only pass on your personal data to third parties if:
- you have given your explicit consent pursuant to Art. 6 (1) (1) (a) GDPR,
- the disclosure pursuant to Art. 6 (1) (1) (f) GDPR is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding interest worthy of protection not disclosing your data,
- in the event that a legal obligation exists for the transfer pursuant to Art. 6 (1) (1) (c) GDPR,
- this is legally permissible and required by Art. 6 (1) (1) (b) GDPR for the processing of contractual relationships with you, or
- this is done to a service provider acting on our behalf and on our exclusive instructions, whom we have carefully selected (Art. 28 (1) GDPR) and with whom we have concluded a corresponding contract for order processing (Art. 28 (3) GDPR), which obliges our contractor, among other things, to implement appropriate safety measures and grants us comprehensive control powers.
Transmission to the service providers referred to in point (e) for the purpose of order processing shall take place in the following areas: technical provision and programming of the website, user communication, provision of software as a service.
Most browsers automatically accept Cookies. However, you can configure your browser so that no Cookies are stored on your computer or a message always appears before a new Cookie is created. The complete deactivation of Cookies can lead to the fact that you cannot use all functions of our website. The following links provide information on this option for the most frequently used browsers:
8.1. Google Analytics
For the purpose of demand-oriented design and continuous optimization of our website, we use Google Analytics, a web analysis service provided by Google Inc. (https://www.google.de/intl/de/about) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter “Google”). In this context, pseudonymized user profiles are created and Cookies are used (see No. 7). The information generated by the Cookies about your use of this website such as
- Browser type/version,
- operating system used,
- referrer URL (the previously visited page),
- host name of the accessing computer (IP address) and
- time of the server request
are transferred from your browser to a Google server in the USA and stored on Google servers.
Google Analytics is used for statistical purposes of our website, to evaluate them for the purpose of optimizing our offer for you and to further develop our offer and in particular our website. This constitutes a legitimate interest within the meaning of Art. 6 (1) (1) (f) GDPR. Data transmission to the USA is in accordance with EU Commission Decision 2016/1250 (EU-US Data Protection Shield). If your browser does not support Google Analytics or you deactivate this function, no data transfer takes place.
The pseudonymized user profiles are deleted after 14 months. The information is used to evaluate the use of the website, to compile reports on the website activities and to provide further services associated with the use of the website and the Internet for the purposes of market research and demand-oriented design of these websites. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of the company. Under no circumstances will your IP address be merged with other data from Google. The IP addresses are anonymized so that an assignment is not possible (IP masking). You can prevent the installation of cookies by setting your browser software accordingly (DO-NOT-TRACK).
You can also prevent the collection of data generated by the Cookies and related to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=en). For more information about privacy in connection with Google Analytics, please visit the Google Analytics Help Center (https://support.google.com/analytics/answer/6004245?hl=en).
8.2. Google Web Fonts
When visiting our website, so-called web fonts are downloaded for the uniform display of fonts. This content is provided by Google Inc. (https://www.google.de/intl/de/about) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter “Google”). When accessing our website, your browser loads the required web fonts into your browser cache to display texts and fonts correctly. To do this, the browser you are using must connect to Google’s servers. This gives Google knowledge that our website has been accessed via your IP address.
Google Web Fonts are used for the purpose of uniform and appealing presentation of our website. This constitutes a legitimate interest within the meaning of Art. 6 (1) (1) (f) GDPR. Data transmission to the USA is in accordance with EU Commission Decision 2016/1250 (EU-US Data Protection Shield). If your browser does not support web fonts or you deactivate this function, no data transfer takes place.
For more information about Google Web Fonts, visit https://developers.google.com/fonts/.
8.3. Google Maps
The use of Google Maps takes place for the purpose of an appealing, comfortable design of our website and serves the purpose of making it easier to find the places indicated by us on the website. This constitutes a legitimate interest within the meaning of Art. 6 (1) (1) (f) GDPR. Data transmission to the USA is in accordance with EU Commission Decision 2016/1250 (EU-US Data Protection Shield). You are not obliged to provide personal data, but it is not possible to use the affected parts of our website (https://www.mm-sports.eu/kontakt/) without providing it.
9. Integration of social media
On the basis of Art. 6 (1) (1) (f) GDPR we use the social network LinkedIn in order to make our website better known and to interact with our target groups. Responsibility for the data protection-compliant operation of these services is guaranteed by the respective provider. We integrate these services exclusively via a link so that visitors to our website have the best possible control over their personal data.
These social networks are operated exclusively by third parties, some of whom have their register office outside the E.U. or the EEA – there may therefore be no adequate level of data protection in accordance with the GDPR. The browser plug-ins and links on our website are identified by logos or other references. When you visit our website, which contains such a browser plug-in, a connection is automatically established between your device (browser) and the servers of the respective social network. This forwards the information that you have visited our website to the social network. If you are logged in to the social network via your personal user account or during your visit to our website, your visit to our website will be assigned to your account. By interacting with browser plug-ins or links, e.g. by pressing a “like” button or leaving a comment, this information is transmitted to the respective social network and stored there. The allocation of the data to your account can therefore be prevented on the one hand by logging out of your account (of the respective social network) before visiting our website. On the other hand, you can also completely prevent the loading of the respective plug-ins with an add-on for your browser, e.g. with the script blocker “NoScript” (http://noscript.net/).
The purpose and scope of data collection through social networks as well as the further processing and use of your data and your rights and setting options for the protection of your privacy can be found in the respective data protection information of the operators:
Provider: LinkedIn Inc., 2029 Stierlin Court, Mountain View, CA 94043, US
10. Rights of affected persons
As a data subject of a processing of personal data you have the right,
- to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you may request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of a right of appeal, the origin of your data, if these have not been collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information on their details;
- to immediately request the correction of incorrect or complete personal data stored by us in accordance with Art. 16 GDPR;
- to request the deletion of your personal data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
- pursuant to Art. 18 GDPR, to restrict the processing of your personal data if you dispute the accuracy of the data, if the processing is unlawful but you refuse to delete the data and we no longer need the data, but if you need it to assert, exercise or defend legal claims or if you have filed an objection to the processing pursuant to Art. 21 GDPR;
- to receive your personal data, which you have provided to us, in a structured, current and machine-readable format in accordance with Art. 20 GDPR or to request its transfer to another person responsible; and
- to complain to a supervisory authority pursuant to Art. 77 GDPR. You can contact the supervisory authority of your usual place of residence or workplace or our head office. The supervisory authority responsible for our registered office is the Bavarian State Commissioner for Data Protection („Der Bayerische Landesbeauftragte für den Datenschutz“), Postfach 22 12 19, 80502 Munich, Germany, Phone: +49 (0) 89 212 672-0, Telefax: +49 (0) 89 212 672-50, E-Mail: email@example.com.
With the exception of the right of appeal to the supervisory authority, it is sufficient to send an e-mail to firstname.lastname@example.org.
11. Right of revocation in case of processing after consent
If your personal data are processed on the basis of consent pursuant to Art. 6 (1) (1) (a) GDPR (e.g. newsletter dispatch), you have the right to revoke your consent at any time without stating reasons. As a result, we are no longer allowed to continue processing data based on this consent in the future. The revocation of your consent does not affect the legality of the processing carried out on the basis of the consent until revocation.
If you wish to exercise your right of revocation, simply send an e-mail to email@example.com.
12. Right to object
If your personal data are processed on the basis of legitimate interests pursuant to Art. 6 (1) (1) (f) GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that there are reasons for this arising from your particular situation. If your objection is directed against direct advertising, you have a general right of objection; a justification is not required in these cases.
If you wish to exercise your right of objection, simply send an e-mail to firstname.lastname@example.org.
13. Data Security
We use the most common SSL (Secure Socket Layer) method in connection with the highest level of encryption supported by your browser. Usually, this is a 256 bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. Whether a single page of our website is transmitted in encrypted form is indicated by the closed display of the key or lock symbol in the lower status bar of your browser.
We also use suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties. We continually adapt our security measures in line with technological developments.
However, we would like to point out that data transmission over the Internet (e.g. communication by e-mail) may be subject to security gaps. A complete protection of data against access by third parties is not possible.
Version: October 2018