Data Privacy Notice
As of 25.05.2018We appreciate your interest in our company and our products and services, and we would like you to feel secure when visiting our website with regard to the protection of your personal data. At Medialine we take the protection of your personal data very seriously. Compliance with the provisions of the General Data Protection Regulation (GDPR) of the European Union is therefore a prerogative for us. The website found at www.medialine.ag is an offering provided by Medialine EuroTrade AG. Safeguarding your privacy and ensuring the protection of your personal data is of the utmost importance to us. Our practices relating to data privacy are therefore in compliance with the legal regulations on the protection of data. In addition, we do everything that we can to ensure the confidentiality of your data. We believe it is important to inform you about the type of personal data we collect from you and what we use this information for. Therefore, kindly take a moment to read the information below.
1. What are personal data?
Personal data means any information that can be used to identify you. Personal data include, for instance, your name, address, IP address, telephone number or e-mail address. In contrast, information that is not directly linked to your identity (e.g. number of users of a website, favorite web pages) does not constitute personal data.
2. Why do we collect your data
For the use of our website, it is generally not necessary for you to disclose your personal data. In certain cases, however, the processing of personal data may be necessary, for example to provide you with some services you may want. We store and process your data with the systems listed under article 6 for the purpose of order fulfillment, as well as for the fulfillment of accounting tasks and guidelines. The same applies, for example, to the sending of information material and ordered goods, to the answering of individual questions, and for the use of invitations to events, customer information, etc. The fundamental objective of our data collection activity is to maintain and strengthen our business relationship by making sure that you have easy access to our products and services. In addition, we want to offer you the greatest possible ease in carrying out your transaction (ordering, delivery, payment, etc.).
Furthermore, we use your data in an anonymized form in order to create an appealing shopping experience for you and to continuously improve it. For this purpose and to draw your attention to particularly interesting offers, we collect data in the online shop that we use to create affinity profiles. This enables us to see which pages you retrieve while visiting our online shop.
In order to be able to offer you various payment options, we will use your data – not least to protect you and us from misuse – also for checking your credit record. This information protects us from losses that will affect our pricing structure in the long term and ultimately also benefit you as our customer.
3. Which data do we collect, process and use?
The collection and processing of personal data is carried out within the framework of the statutory provisions within the framework of the GDPR (Article 6 (1) GDPR). In addition, we only store and process data that you voluntarily provide to us and, if necessary, data that we collect automatically when you visit our internet pages (e.g., your IP address and the names of the pages you have accessed, the browser you use and your operating system, date and time of access, used search engines, names of downloaded files). The storage period of data obtained by cookies is limited to 24 months, other data we save as long as needed for the business relationship purpose, or until you object to the storage. If you visit our website without registering or logging in as a customer, we will only place a cookie (for more information please see point 4) for the so-called “session ID” and, as a standard, only collect information such as your IP address, time and duration of your visit, the web pages that you retrieve, your language selection as well as the browser type and your country of origin.
If you log in to our online shop as a customer and fill in the registration form, we will also collect your name, address, email address and telephone number. If you place an order, we will also collect the details regarding your payment type and the information relating to the particular order. In addition, we place additional cookies for your customer number and your name in an encrypted form.
Should you place an order, we store your order information in the context of the order history and send this information to the e-mail address you provide. If you have registered as a customer, you can see your order information under “My Account”.
4. What are cookies?
Cookies are small files that are transmitted and stored on the computer’s hard drive by the web server (www.medialine.ag) with the aid of the web browser. Their purpose is to exchange information. Placing cookies allows us to, for instance, personally welcome you at your next visit to our website and notify you of information specially tailored to your needs and interests.
No security-related or personal data are stored in the cookies. They are also unable to transmit any viruses, trojans, dialers, or send e-mails unnoticed from your computer. In addition, each web server can only read the cookies that they themselves have placed.
5. What are server log files and how do we use them?
We, as website operator, automatically collect and store information in so-called server log files, which your browser automatically transmits to us. These are: – browser type and browser version – operating system used – referrer URL – host name of the accessing computer – time of server request – IP address. A merge of this data with other data sources will not be done. The basis for this data processing is Article 6 paragraph 1 lit. of the GDPR, which allows the processing of data for performing contractual or pre-contractual measures.
6. How do we collcet, us and process your data?
Data economy and data avoidance are top priorities for us. For this reason, we collect, use and process only the data absolutely required for completing the order process, communicating with you, and for maintaining our business relationship with you. In particular, this includes all the data we are legally obliged to process and retain for billing and accounting purposes.
For order processing we use data processing systems. The processing systems we use are:
CRM: cobraCRM; CAS genesisWorld
ERP: Mesonic Winline
ECM: ELO Digital Office.
We only store your personal data if you provide it yourself – for example when you register as a customer on our website, at the conclusion of a contract, registration for an event, or in any other form. With your consent, we store your personal data in the customer account web shops, so that you can log in at any time with your username and password. This offers you the advantage that you do not have to enter your address data every time you place a new order. You can object to the use of this data as well as the creation of user profiles on the basis of this data at any time (more under chapter 9.). In this case, your personal data stored with us will be deleted. However, in this case, you will need to sign in again for each order.
For applicants: If an applicant sends us his documents in the context of an advertised position or an unsolicited application, we assume that we may use the information provided to us in the context of the application process and that the consent has been given by sending the documents. After completion of the application process, the data sent to us will be deleted within three months, unless we receive the additional consent of the applicant, which explicitly allows us to save the application and evaluate it for future vacancies. Applicants’ data is subject to the same data subject rights as listed under chapter 9.
7. Why do we pass your information onto?
In principle, we do not pass your personal data to any third parties. We only pass such data on in exceptional cases. However, this is limited to service providers and/or partner companies (“partners”) that support us in order fulfilment and the provision of customers with information. These partners may, however, only use the data for fulfilling the orders we have placed with them and they are obliged to strictly comply with the statutory data privacy regulations. On the other hand, the transmission of data is limited to cases in which the purchase price is financed by a third party. In this case, the name, address and item of purchase as well as the purchase price is transmitted to Commerz Finanz GmbH, with whom we work in these cases. Please note that we may at times be obliged by law to disclose your data. Furthermore, we may disclose your personal information if it is in the public interest (e.g. in the case of credit card fraud).
In order to be able to provide you with advance payments (payment on account, installments, etc.), we must ensure that this type of payment transaction does not lead to misuse and protects consumers from economic overload. We therefore reserve the right to check the creditworthiness of our customers for the purpose of protection against insolvency-based payment defaults, abuses due to unwillingness to pay, as well as improper use by third parties. Before and during each contractual relationship in which we make advance payment, we conduct a credit check for each customer by the credit bureau, which carries out a so-called credit scoring procedure on the basis of mathematical-statistical procedures. The basis of the calculated probability value – your credit rating – is not only your address data, but also your personal details (first and last name) as well as personal data on your previous payment history. In order to be able to have a corresponding credit check carried out by the credit agency, we will provide your personal details (first and last name) as well as your address data. You can object the transmission of your data to the credit agency at any time. In this case, the payment option you are basically entitled to will become the payment in advance. We can then no longer provide you with advance services or must end them, if necessary.
In addition, we may transmit personal contract data and information about non-contractual payment behavior to the credit agency, and also obtain corresponding information from other contractual relationships that arise during the settlement period of our contractual relationship with you. The transmission of this data is within the scope of the legally permissible and only for the protection of our legitimate interests or of another contracting party of the credit agency, taking into account your legitimate interests and wishes in the exclusion of transmission. The transmission of data due to non-contractual behavior to the credit agency will only take place if you have expressly consented to it, in a manner that complies with the requirements of Article 6 (1) of the GDPR. We would like to point out that you have the right to claim for information from both, us and the credit bureau according to Article 15 of the GDPR. This information request is free of charge.
Please note that we may be required by law to disclose your information. In addition, we may disclose information about you if it is of public interest (for example, credit card fraud).
8. How do we protect your data?
In order to collect and administer your data as securely as possible, we use a secure 256-bit SSL (Secure Socket Layer) protocol for data transmission between your computer and our server in the context of your order. This provides encrypted data transmission. Your personal data are stored exclusively in compliance with national legal regulations. When we transmit data to our partners in the context of the procedures described in point 6, besides being bound to the mandatory legal regulations, they are also bound to our contractual stipulations regarding data privacy.
9. Your rights
In accordance with the regulations of the European Union’s GDPR, you have the right to obtain information regarding the data stored by us about you, free of charge. Furthermore, you have the right to ask for correction , deletion and/or blocking of the data stored by us about you.
Should you have any questions regarding our data protection standards and/or wish to exercise your right to correction, deletion or blocking, please contact our Customer Service department. In the chapter 10 you can see how to reach us via e-mail, phone call or by surface postal services.
Within the framework of the GDPR you have the following rights in detail:
You have the right:
• according to Article 7 paragraph 3 GDPR, to revoke your once given consent to us at any time. As a result, we are not allowed to continue the data processing based on this consent for the future;
• in accordance with Article 15 GDPR, to request information about your personal data processed by us. In particular, you can ask for information on the processing purposes, the category of personal data, the categories of recipients to whom your data has been disclosed, the planned retention period, the right to rectification, deletion, limitation of processing, or objection, the existence of the right to complaint; be informed, if not collected from us, about the origin of their data, as well as about existence of an automated decision-making process including profiling and, when it is the case, meaningful information about its details;
• in accordance with Article 16 GDPR, to immediately demand the correction of incorrect or uncomplete personal data stored by us;
• in accordance with Article 17 GDPR, to demand the deletion of your personal data stored by us, unless the processing serves in the exercise of the right to freedom of expression and information, or it serves for the fulfillment of a legal obligation, for reasons of public interest, or it is necessary for the assertion, exercise, or defense of legal claims;
• to demand the restriction of the processing of your personal data according to Article 18 GDPR, when the accuracy of the data is disputed by you, or the processing is unlawful, but you reject its deletion even if we no longer need the data, because you may need the data for further defense of legal claims, or you have objected to the processing in accordance with Article 21 GDPR;
• in accordance with Article 20 GDPR, to ask that we remit you your personal data that you have provided us, in a structured, common, and machine-readable format, or to request we should transfer it to another processing or storing receiver; and
• to complain to a supervisory authority pursuant to Article 77 GDPR. You can contact the responsible supervisory authority for this.
The responsible entity within this internet presence, according the European GDPR, is
Medialine EuroTrade AG
D0-55566 Bad Sobernheim
FGeneral Manager / Vorstand: Martin Hörhammer
Phone +49 6751 85378-0
Telefax +49 6751 85378-11
(For calls, fees of the network operator only incur. No additional costs will be charged by us.)
The designated responsible body is the natural or legal person who, alone or in concert with others, decides on the purposes and means of processing personal data (such as names, e-mail addresses, etc.).
11. Our data protection officer
The contact details of our data protection officer are:
Mr. Mario Arndt
Phone +49 611 950008-32
Telefax +49 611 950008-5932
Our data protection officer is always available for any questions and suggestions on data protection.
12. Used plug-ins and tools
Google will also transmit this information to third parties, where applicable, to the extent prescribed by law or if third parties process this data on behalf of Google. Under no circumstances will Google associate your IP address with other data of Google. You may prevent the installation of cookies by changing a relevant setting in your browser software. Users may also prevent the collection by Google of the data generated by the cookie and related to their use of the online offer as well as the processing of such data by Google, by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en. For more information about Google’s use of the Google data, hiring and opt-out options, please visit Google’s websites: https://www.google.com/intl/en/policies/privacy/partners/ (“Google’s use of your data when you use Our Partners’ Websites or Apps”), http://www.google.com/policies/technologies/ads (“Use of Data for Advertising”), http://www.google.com/settings/ads (“Managing Information, the Google used to show you ads”) and http://www.google.com/ads/preferences/ (“Determine which ads Google shows you”).
Any liability of Medialine EuroTrade AG in this regard is limited to wilful intent or gross negligence. Medialine EuroTrade AG is not in a position to check or continuously monitor the behaviour of the services mentioned (Facebook, Twitter, Google+, YouTube and Pinterest) or their providers.
In order to check your personal data, Medialine EuroTrade AG uses so-called “2-click buttons”. If you have not specifically clicked on these, no data will be sent to social networks such as Facebook, Twitter or Google+.
The website of Medialine EuroTrade AG provides an option for interacting with the social network “Facebook”, Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. The plug-in can be identified by the Facebook logo (white “f” on a blue background and/or a “thumbs up” symbol). An overview of the Facebook plug-in can be found here: http://developers.facebook.com/docs/plugins/
When you click on the plug-in, a connection is established to Facebook’s servers in the United States and information about which websites you have visited are transmitted. If you are a member of Facebook and logged in, Facebook will assign this information to your personal Facebook user account. If you use the plug-in functions, e.g. by clicking the “Like” button or by posting a comment, this information is also transmitted and assigned to your Facebook account. You can prevent this interaction by logging out of your Facebook user account before clicking on the plug-in. Use of the Facebook plug-in is subject to Facebook’s terms and conditions of use and data privacy. You can find information on the collection and use of your data in Facebook’s data privacy regulations at https://www.facebook.com/about/privacy.
Our website also uses the “Twitter” plug-in, Twitter Inc. 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. The plug-in can be identified by the Twitter logo (white “t” on a light blue background and/or a white bird pictogram). If you click on the plug-in, a connection to Twitter’s service is established. If you are logged into your Twitter user account, a so-called “Tweet” will point to our website page – this transmits information to Twitter. You can find further information on the collection and use of the data by Twitter and on the Tweet button in Twitter’s data privacy regulations at https://www.twitter com/privacy.
Parkway, Mountain View, CA 94043, United States. The plug-in can be identified by means of the “+1” button (“+1” on a white or coloured background). If you click on the button, a link to Google’s service is established and information regarding your visit to the web page is transmitted. If you have a Google+ user account and do not want the transmitted information to be linked to your user account, you must log out of your Google+ account before clicking on the button. Data regarding your visit are stored by Google even if you do not have a Google+ user account. You can find detailed information regarding the collection and use of the data by Google in Google+’s data privacy regulations at http://support.google.com/plus/ bin/answer.py?hl=de&answer=1047397&rd=1
Medialine EuroTrade AG’s website pages provide the option of interacting with the social network “Pinterest”. Use of the Pinterest plug-in is subject to Pinterest’s terms and conditions of use and data privacy. You can find information on the collection and use of your data in Pinterest’s data privacy regulations at http://pinterest.com/about/privacy.
We, as the responsible website operator, have taken technical and organizational security measures to protect your personal information from loss, destruction, tampering and unauthorized access. All of our employees and all persons involved in the data processing are obliged to comply with the General Data Protection Regulation and other data protection-relevant laws as well as the confidential handling of personal data. In the case of the collection and processing of personal data, the information is transmitted in encrypted form in order to prevent misuse of the data by third parties. Our hedging measures are continuously revised in line with technological developments. Nevertheless, internet-based data transmissions can in principle have security gaps so that absolute protection cannot be guaranteed.