DATA PROTECTION DISCLOSURE of MUC0101 GmbH
(hereinafter also "MUC0101", "we" or "us")



1. General


1.1. Your personal data (e.g. title, name, postal address, e-mail address, telephone number) will be processed by us according to the data protection law applicable at the time, and in compliance with the European Union’s General Data Protection Regulation (GDPR). The provisions below would like to inform you about further details on the type and scope of data collected and on the purposes for which we process and use these personal data.


1.2. Our outside contractors and other contract partners also undertake to comply with applicable data protection regulations, specifically with the GDPR, and to in turn ensure and assume responsibility for their contract partners’ compliance with same regulations. This applies specifically when we operate as Data Processor within the framework of Art. 28 GDPR. Both parties acknowledge that they are familiar with the Regulation and will strictly abide by it. Moreover, we commit to data protection also towards our media partners in the form of a separate agreement.


1.3 The data will be processed and used exclusively within the territory of the Federal Republic of Germany, a Member State of the European Union or another signatory to the Agreement on the European Economic Area. Any movement of data to a third country requires the prior consent of the Principal and is subject to compliance with the special requirements set out in Sections 28,32,44 of the GDPR and BDSG.


2. Purpose of Data Transmission


2.1. The purpose of data transmission by us is contacting a multitude of media partners, test readers or reviewers on behalf of our clients (authors or product owners) in order to promote a variety of books and products with selected disseminators. Therefore the client transmits the following data of their media partners, test readers or reviewers to us:


• e-mail address
• given name
• surname
• company
• address
• website


2.2. The data supplied are used solely for the purpose as contractually agreed and will be deleted as soon as they are no longer necessary for their original purpose, and in compliance within the relevant time limit for deletion as prescribed by law.


3. Name and Address of the Data Controller


3.1. Data Controller for the purposes of the GDPR and other Data Protection Regulations, as applicable within the European Union, and other regulations of a similar character is:


MUC0101 GmbH
Altomuensterstraße 77
80997 Munich
Germany
Tel.: +49 89 41856773
E-Mail: [jsaddress]
Website: www.muc0101.com


3.2. In cases of commissioned data processing, liability continues to rest with the data controller.


4. Visits to Our Website


4.1. You will not be required to input personal information in order to access our website generally. Any data regarding usage and logfile data generated, and your IP address, will be deleted or obliterated without delay. Such data are utilized for the purpose of improvement to our services exclusively.


5. Automated Collection of Data


5.1. For technical reasons, the below data, transmitted to us by your web browser, will be collected:


• browser type and version
• operating system used
• the website from which you were referred to us (referrer URL)
• the website visited
• date and time of website access
• your Internet Protocol (IP) address details.


5.2. These anonymous data will be stored separately from any personal data you may have supplied and thus will not provide any personally identifiable information. They will be analysed for statistical purposes only, help us optimize our services and will be deleted immediately afterwards.


6. Master Data


6.1. Your personal data, as far as they may be necessary for the purpose of formation of, or amendments to, our contractual relationship (Master Data) will be used for the purposes of implementation and administration of our contract exclusively. Without your explicit consent these data will not be made available to external third parties, unless legally required or necessary for the execution of the contract.


6.2. On demand of the competent authorities we are permitted in certain rare cases to disclose these Master Data, if required in the context of criminal prosecution or preemptive measures by police authorities, and to the federal or state authorities, to the German Federal Intelligence Service and the German Federal Military Counter-Intelligence Service in the exercise of their duties, or if required for the purpose of enforcement of intellectual property rights.


7. Usage Data


7.1. The personal data required from you in order to make use of our services and to administrate billing (Usage Data), are used for the purposes of implementation and administration of our contract. Usage Data include specifically data for your identification, data about beginning and end and volume of your use of our service and data regarding the teleservices you made use of. We are permitted to transfer usage data for the specific purpose of billing (so-called accounting data) to third party service providers and other third parties, as far as this is necessary in the context of our accounting for our services to our users. When no longer needed in order to perform or administer a contract these usage and billing data are deleted. Instead, data may be blocked or disabled pending deferred deletion due to legal, statutory or contractual requirements necessitating a certain retention period.


7.2. On demand of the competent authorities we are permitted in certain rare cases to disclose such Usage Data, if required in the context of criminal prosecution or preemptive measures by police authorities, to the federal or state authorities, to the German Federal Intelligence Service and the German Federal Military Counter-Intelligence Service in the exercise of their duties, or if required for the purpose of enforcement of intellectual property rights.


8. Retention of Personal Data


8.1. We retain your personal data as long as required for providing the services as ordered by you, or as long as they are indispensable for any other necessary purpose, e.g. if required by law, for settlement of disputes or the execution of this agreement.


9. Your Rights as Data Subject


9.1. You have the right:


in accordance with Art. 15 GDPR, to demand information about your personal data processed by us, specifically about the purpose of processing, the category of personal data, the categories of recipients we disclosed or will disclose your data to and the intended retention time. You also have the right to receive information on your entitlement to correction, deletion, limitation of, or objection to, processing of your data, your right of complaint and on the origin of your data, if not raised by us, about the existence of automated decision-making processes, including profiling, and relevant information about specifics, as applicable;


in accordance with Art. 16 GDPR, to demand the immediate completion or correction of your personal data stored with us;


in accordance with Art. 17 GDPR, to demand the deletion of your personal data stored with us, unless we are required to process them in the context of the rights to freedom of speech or information, in fulfillment of any legal obligation, in the public interest or for the purpose of the implementation or execution or defense of legal claims;


in accordance with Art. 18 GDPR, to demand we limit the processing of your personal data, as far as you claim they are inaccurate, processing them would constitute an infringement of a law, you, however object to their deletion, and while we no longer require these data, they continue to be required by you for the purpose of the implementation or execution or defense of legal claims, or if, in accordance with Art. 21 GDPR, you objected to these data being processed;


in accordance with Art 20 GDPR, to receive information on your personal data provided to us by you in a structured, common and machine-legible format, or to demand us to supply these to an authorized recipient;


in accordance with Art. 7 Sec. 3 GDPR, to revoke your consent to us at any time, with the effect that after such revocation we are no longer permitted to continue processing those data for which your consent was required;


in accordance with Art. 77 GDPR, to file a complaint with a supervisory authority. As a rule, this will be the competent supervisory authority for your usual place of residence or work, or for our registered company office.


10. Your Right to Object


10.1. If your personal data are being processed on the basis of a lawful interest in accordance with Art. 6 Sec. 1 lit. f) GDPR, you are nevertheless entitled to object to such processing of your personal data on the grounds as provided in Art. 21 GDPR, i.e. on specific grounds relating to your particular situation, or if you wish to object to your data being used for the purpose of direct marketing. In the latter case you have the right to object at any time without any specific grounds.


10.2. For making use of your right to revoke consent or to object as above, an e-mail to [jsaddress] will suffice.


11. Subscription to our Newsletter


11.1. We offer a B2B Newsletter to our users, which can they can subscribe to on our website. For details on the personal data to be provided to the data controller when ordering this newsletter, please refer to the relevant entries required in the subscription form.


11.2. We inform your clients and business partners about important updates in connection with our contract on a regular basis by way of a B2B Newsletter. This B2B Newsletter can only be supplied provided (1) a valid recipient e-mail address is available to us and (2) the recipient registers for our mailing list for this newsletter. For legal reasons, a request for confirmation will be sent to the e-mail address provided in the original application for newsletter subscription in order to make sure that the owner of the e-mail address actually authorized a subscription to the newsletter (“Double-Opt-In” system).


11.3. We store the IP address of the device, as assigned by the Internet Service Provider (ISP), used during registration for our newsletter by the data subject together with the logon date and time. Collection of these data is required in order to later evidence a (potential) abuse of the e-mail address of a data subject and is therefore necessary for legal reasons.


11.4. The personal data collected during registration for our B2B newsletter will be used exclusively for the delivery of same B2B newsletter. Moreover, subscribers of this B2B newsletter will also receive information by e-mail, if this becomes necessary for the operation of the news service or the relevant registration, or for example in case of changes to our news service or technical updates. The personal data collected in the context of newsletter subscription will not be made available to third parties. The subscription to our B2B newsletter can be terminated any time by the subscriber. And the consent to our storing of personal data as given during registration for the purpose of delivery of our B2B newsletter may be revoked by the data subject at any time. Every newsletter contains a web link to click for the purpose of revocation of consent. Alternatively, it is also possible to unsubscribe directly on the website of the data controller by otherwise notifying same competent data controller.


12. Tracking of Newsletter Delivery


12.1. Delivery of our B2B Newsletter will not be tracked by us, i.e. we do not follow-up which of the subscribers to our newsletter receive, open or read same B2B Newsletter.


13. Information on Cookies


13.1. Cookies are small text files stored by your browser for the purpose of keeping certain information available while navigating on a website or for future visits. We use so-called first-party Cookies created by and for the purposes of PromoJukeBox and third-party Cookies generated on our website by third-party services. These Cookies allow us to store and retrieve your browser’s most recent language preference setting for our website or retrieve access authorizations as valid for the current session or your user account. They also serve as basis of, anonymized, statistical analyses of our users’ activity on our website for the purpose of optimization of our website. Cookies store text strings only, which are always anonymized and in most cases encrypted. Under no circumstances do we store personal data in Cookies.


13.2. In the areas of web analyses and advertising we cooperate with Google. Google draws data stored in Cookies, e.g. on websites visited and products and services viewed, in order to customize advertising. Google makes use of both Persistent Cookies and Session Cookies. These Cookies do not store any personal data. Deactivating or deleting these Cookies in no way impairs the functionalities of our website.


13.3. On all web browsers, Cookie activity can be limited or blocked completely by selecting the relevant browser setting accordingly. The necessary steps will vary between browsers, please refer to the help menu of your browser for further information. If your browser settings do not allow Cookies, you will however no longer be able to log into your user account on our website. Furthermore, your website navigation may no longer be fully functional.


14. Our Use of Google Analytics


14.1. We use Google Analytics, a service provided by Google Inc. in order to analyse user activity, which makes use of Cookies. Cookies are text files stored on your device which allow analytics of your user activity relating to our website. Cookies generate information which is transferred to a Google server. These servers are generally located in the USA; in compliance with Treaties regarding the use of data originating in the European Economic Area, your IP address will however be masked prior to transmission to the US. In rare and exceptional cases only, masking of your IP address will occur after transmission of data to the USA. Google analyses the information transferred, and in this context renders additional services to us as website operators. Information relating to any IP addresses collected will, however not be combined with information collected via other Google services. You are able to block creation of Cookies on your devices by selecting the relevant browser settings. This may, however, affect and impair the way our website displays and it may no longer function properly. In addition, a browser plugin will block collection and use of data generated by Cookies.


14.2. This plugin can be downloaded from https://tools.google.com/dlpage/gaoptout?hl=en. Learn more about Google’s and Google Analytics’ Privacy Policies at https://www.google.com/analytics/terms/gb.html or https://www.google.com/analytics/terms/us.html and at https://www.google.de/intl/en/policies/ respectively.


15. Collection of Access Data


15.1. For technical reasons, delivery and display of our website content requires the collection of certain data, and when accessing our website, so-called server logfiles are generated by us or the provider of webspace. These logfiles, however, do not contain personally identifiable information about you, your enterprise or your person. The information collected contains the name of the website, the file, the current date, the volume of data, information on the web browser used and its version, the operating system used, the domain name of your internet provider, the referrer URL, i. e. the website from which you were referred to our website and the relevant IP address. We use this information to improve the way we deliver and display our content and for the purpose of statistics and it assists in the continuous improvement of our services. We also reserve the right to subsequently verify the abovementioned data in cases of suspected improper or unauthorized use of our service.


16. Server Logfiles


16.1. Server logfiles are anonymized data collected while you are using our website. The data contained will not include any personally identifiable information; they are, however, indispensable for delivering our service and content. Furthermore, they are used for compiling statistical analyses and for the purpose of continuous improvements to our content. A typical logfile will contain access date and time, volume of data, the browser used and its version, the operating system used, the domain name of your provider, the website which referred you to our service (referrer URL) ad your IP address. Logfiles also required when investigating a suspected improper or unauthorized use of our website.


17. SSL-Encryption


17.1. Our website uses SSL encrypting during transmission of our users’ confidential or personal data. SSL encryption will be activated, e.g. for the administration of payments and for inquiries you make to our website. Please make sure that SSL encryption is also activated on your side during such activities. Activated encryption can be easily recognized, as the initial characters displayed in your browser will change from “http://“ to “https://“. SSL encrypted data can not be read by third parties. Please always make use of SSL encrypted transmission for confidential information and please contact us in case of doubt.


18. Inquiries


18.1. On request we will provide you with the data stored with us regarding your person or user name. To make an inquiries you may contact us by telephone +49 89 41856773, or by mail to MUC0101 GmbH, Altomuensterstr. 77, 80997 Munich, Germany. You can also direct any queries you may have by e-mail to [jsaddress].


19. Contract Language


19.1. Please note that our agreed contract language is German and the German version is binding in case of discrepancies; the English language versions provided serve as convenience translations only.


MUC0101 GmbH, May 2018