Thank you for your interest in MPRINT MORLOCK GMBH + CO. KG and our website (“Website”). Protecting your privacy and collecting, processing and using your data in accordance with the law is of particular concern to us.
In the following, we will inform you about which of your data we collect on the website and for what purposes we process and use it. 

1. CONTROLLER/SERVICE PROVIDER

1.1. Controller in accordance with Art. 4 (7) of the General Data Protection Regulation (hereinafter “GDPR”) and Service Provider within the meaning of the German Digital Services Act (DDG) is MPRINT MORLOCK GMBH + CO. KG, Ruhesteinstraße 3 49, DE-72270 Baiersbronn,info@mprint.de, represented by MPRINT MORLOCK Verwaltungsgesellschaft mbh, which is represented by the managing directors Michael Morlock and Marcus Stickel (hereinafter “us” or “we”).

1.2. Our external Data Protection Officer, Dr. Thomas A. Degen, accredited IT law specialist and certified TÜV Süd (DSB-TÜV) data protection officer, is available for and receives notices and communication under datenschutz@mprint.de or under “The Data Protection Officer” at our postal address.

2. COLLECTION, PROCESSING AND USE OF DATA WHEN YOU VISIT OUR WEBSITE

2.1. If you use our website for informational purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which we require for technically reasons in order to display our website to you and to ensure stability and security:
- the name of your internet service provider, 
- the IP address assigned to you, 
- the address of the website your visit to our website originates from, 
- the browser used and, if applicable, your computer's operating system, 
- the amount of data transferred 
- the sub-pages of our website you visit and 
- the date and time of your visit to our website.

2.2. We and our IT service providers have access to the data as well as our host provider, whose servers are located within the European Union. We have concluded a Data Processing Agreement (DPA) with our host provider in accordance with Art. 28 GDPR.

2.3. We process the data mentioned for the following purposes: 
- to ensure a smooth connection to the website, 
- to ensure a comfortable use of our website, 
- to evaluate system security and stability, and 
- for other administrative purposes.

2.4. or security reasons, log file information (e.g. to investigate acts of abuse or fraud) is stored for a maximum of 10 days and then deleted or anonymized. Where a further storage of data is required for evidentiary purposes, such data is excluded from deletion pending final completion of the clarification of the respective incident.

2.5.The legal basis for data processing is point (f) of Art. 6 para. 1, 1st. sentence of the GDPR. Our legitimate interest follows from the data collection purposes listed above. Please note the right of withdrawal in accordance with section 16 of this present Privacy Statement.

2.6. We also use cookies when you visit our website. More information on the use of cookies is available to you under Ciph. 6 of this present Privacy Statement. 

3. COLLECTION, PROCESSING AND USE OF THE DATA PROVIDED BY YOU WHEN USING THE WEBSITE

3.1 We collect your data, which you provide to us when contacting us, e.g. by email, fax or using a contact form. The processing and use of the data you provide when contacting us is limited to the purpose of answering your request and for any follow-up questions.

3.2 Data processing for the purpose of establishing contact is carried out in accordance with lit. b of Art. 6 para. 1, 1st. sentence of the GDPR. 

4. HOSTING

Our web server is operated by an internet service provider. Therefore, our internet service provider processes the personal data you transmitted when visiting our website on our behalf.

5. USE OF OUR SERVICES

5.1. If you wish to use our services, any respective consultation and conclusion of a respective contract requires that you provide your personal data needed so that we can process your order in accordance with lit. b of Art. 6 para. 1 sentence 1 of the GDPR. We process the data you provide for the purpose of processing your order.

5.2 Provided your respective consent, we will also include you in our database of interested parties. We will then store your data for any further orders. You are free to revoke your consent to this storage of customer data at any time. In such event, we will  delete the corresponding data without delay as soon as we are no longer authorized or obligated to store it.

5.3 Applicable commercial and tax law requires us to store your address, payment and order data for a period of ten years. However, after two years we will restrict the processing of this data, i.e. your data will only be used to comply with these legal obligations.

6. COOKIES

6.1. When visiting our website from one of your devices for the first time, you will be notified that in the course of the website visit so-called cookies may be stored on the device. If you continue to use our website following this notice, you thereby express your consent to our use of persistent cookies.

6.2 Cookies are alphanumeric identifiers that are transmitted to the hard drive of the device when you access our website. They allow us to recognize your browser when you visit the website at a later date and are used primarily to make your visit to the website more pleasant and personalized, e.g. by recognizing the language used, as well as to protect the website from hacker attacks.

6.3 This website uses the following types of cookies, the scope and functionality of which are explained below: 
- transient cookies (see 6.4) 
- persistent cookies (see 6.5).

6.4 Transient cookies are being deleted automatically when you close your browser. These include, in particular, session cookies. These store a so-called session ID, which allows to associate different requests from your browser to a particular browsing session. This allows for a recognition of your computer when you return to our website. The session cookies are being deleted when you log out or close your browser.

6.5 The persistent cookies we use are automatically deleted after a specified period of time, which may differ depending on the cookie.

6.6 You can delete the cookies at any time using your browser's security settings. The help function in the menu bar of most web browsers will explain how to set up your browser so that new cookies are never being accepted, cookies are being set upon notification and by you only, or cookies are always being set automatically.

6.7 You can access our cookie consent tool here and via the navigation section of our website. 

7. OWN WEB FONTS

This website currently only uses web fonts on its own servers for the uniform display of fonts. Access to Google LLC servers does not take place in this context.

8. DATA PROCESSING IN THE CONTEXT OF APPLICATIONS

8.1. If you send us an unsolicited job application or if you reply to a job vacancy advertisement, we process the data you provide in your application for the purposes of the application process. The legal basis for the this processing of data is Sec. 26 para. 1, 1. sentence of the German Federal Data Protection Act (Bundesdatenschutzgesetz - BDSG) in conjunction with Art. 88 para. 1 of the DSGVO. If we enter into an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions (the legal basis for this processing of data is Section 26 para. 1 of the BDSG, if applicable in conjunction with para. 8, 2nd sentence of the BDSG). If we are unable to offer you a job at the end of the application process, your application documents will be deleted two months after you have been notified of the rejection, provided that no legitimate interests of ours conflict with such deletion. Conflicting interests in this sense include, for example, the duty to provide evidence in proceedings under the German Act on Equal Treatment (Allgemeines Gleichbehandlungsgesetz – AGG); the legal basis for this is lit. (f) of Article 6 para. 1 of the GDPR.

8.2 In the event that you have consented to the continued storage of your data in writing or in electronic form, we may also process and use your data after the application process has been completed. The legal basis for this is lit. a of Art. 6 para. 1 1st. sent. Of the GDPR. The processing and use of the data enables us to contact you for professional purposes and to possibly consider you for a future job placement with us. You may revoke your consent at any time and without stating reasons, with effect for the future. In the event of revocation, your data will no longer be considered when filling vacancies. Your data will then be deleted in accordance with the applicable legal requirements.

9. E-MAIL-NEWSLETTER

9.1. When you register for our e-mail newsletter (hereinafter referred to as “newsletter”), we collect and process your e-mail address and any additional data you may have provided. We use this data exclusively for sending the respective newsletter for the purposes stated when registering for the newsletter. The registration uses the double opt-in procedure and completion therefore requires you click on the link provided in the confirmation e-mail and thus to confirm your consent to receive the newsletter. You may revoke your consent to receive a newsletter from us at any time. You may also unsubscribe using the link at the end of each newsletter. The legal basis for sending the newsletter is lit. (a) of Art. 6 para. 1 1st sentence of the GDPR, and § 7 para. 2 of the Act against Unfair Competition (Gesetz gegen den unlauteren Wettbewerb –UWG).

9.2 Our newsletters contain so-called tracking pixels. A tracking pixel is a miniature graphic embedded in emails sent in HTML format for log file recording and log file analysis. This allows a statistical evaluation of the success or failure of online marketing campaigns. Based on the embedded tracking pixel, we are able to recognize whether and when a data subject opened an e-mail and which of the links contained in the e-mail the data subject opened.

9.3 We store and analyze such personal data collected using the tracking pixels contained in the newsletters in order to optimize the dispatch the newsletters, as well as to adapt the content of future newsletters even better to the interests of the data subject. These personal data will not be passed on to third parties. Data subjects are entitled at any time to revoke the respective declaration of consent separately given during the double opt-in procedure. Following such revocation, we will delete this personal data. Unsubscribing from the newsletter constitutes a revocation of such consent.

10. REGISTRATION FOR OUR EVENTS

10.1 Description and scope of data processing activities 
You can register for information and customer events on our website. To do so, you can provide personal information in the registration forms. Information strictly required for registration is marked with an asterisk “*”. You cannot register without providing such information. Any other information may be provided voluntary and is not required for participation in our events.

Depending on the type of event, different data is requested. The following data is processed for each event: 
- First name, last name 
- Telephone number 
- Email address 
- Title 
- Date of birth 
- Position / department 
- Company / authority / NGO / association 
- Billing address

In addition, when booking an event there is the option of registering for our newsletter (please refer to our information on the dispatch of newsletters under “E-mail newsletter” in this present Privacy Statement).

10.2 Legal basis for data processing
The legal basis for the processing of the data is, in addition to lit. (b) of Art. 6 para. 1 1st. sentence of the GDPR (regarding mandatory information), your consent in accordance with lit. (a) of Art. 6 para. 1 1st. sentence of the GDPR.

10.3 Purpose of the data processing 
We process your information solely for the purpose of conducting the event for which you are registering. 

10.4 Duration of storage 
The data will be deleted as soon as it is no longer required for the purpose for which it was collected. This is generally the case after five years. Longer data retention periods may arise in accordance with lit. c of Art. 6 para. 1 1st sentence of the GDPR where required due to tax and commercial law storage and documentation obligations, as well as due to regulations that apply to our company. 

10.5 Objection and removal options 
You can revoke your consent at any time. Following such a revocation, we will only process your data to the extent necessary for the execution of the contract concluded with you and/or to the extend further storage obligations exist.

11. LINKING TO OTHER WEBSITES AND PLUG-INS

11.1 On our website, we may include links – including by way of icons – to the websites of other providers, e.g. to Facebook, Instagram, LinkedIn, Xing or YouTube. Should you click on such a link on the website, we have, unfortunately, no longer any influence on the collection, processing and use of your data by third parties. Therefore, we do not and, unfortunately, cannot assume any responsibility for any such collection, processing or use.

11.2 Our website currently uses YouTube and Userlike plug-ins as well as plugins for the use of Google Analytics 4, Ads and Maps, insofar as provided for in the respective sections of this present Privacy Statement.

12. GOOGLE ANALYTICS 4, GOOGLE TAG MANAGER, GOOGLE ADS AND GOOGLE MAPS

12.1 We use the web analysis service Google Analytics 4 of Google Ireland Limited, Google Building Gordon House, 4 Barrow Street, Dublin D04 E5W5, Ireland (“Google”) on our website to analyze and optimize its use. For this purpose, we use Google cookies. The respective processing of data may also take place outside the European Union (EU) or the European Economic Area (EEA).

12.2 The legal basis for the processing is, insofar as you are affected by data processing with personal reference to you, your consent in accordance with lit. (a) of Art. 6 para. 1 1st. sentence of the GDPR .

12.3 The decision for and our use of these web analysis services is based on the European Commission's adoption of the adequacy decision on the EU-U.S. Data Privacy Framework on July 10, 2023, according to which certified companies explicitly guarantee the same level of protection as the GDPR (https://ec.europa.eu/commission/presscorner/detail/en/ip_23_3721, as of July 2, 2024). Google is such a certified company (see policies.google.com/privacy/frameworks, as of July 2, 2024).

12.4. Alternatively, the following also applies to transfers to third countries: In order to ensure the level of data protection in a third country, contractual clauses on EU standards are in place with the provider.

12.5. Google acts as a data processor for Google Analytics in accordance with the Google Ads Data Processing Terms.

12.6. We use tags on websites and an SDK for mobile apps in order to be able to use Google's analysis products. Based on this collection of measured data, we can better understand our users' needs and, where appropriate, offer them a personalized experience and relevant advertising. Google Tags use cookies or App Instance IDs to measure user interactions. These identifiers provide information about user behavior. However, non-personally identifiable information is sent to Google Analytics, i.e. which is understood to extend to the data listed as follows: support.google.com/analytics/answer/7686480, as of 02.07.2024. The “Best Practices” issued by Google (see support. google.com/analytics/answer/6366371?sjid=17481075517372667980-EU#zippy=%2Cthemen-in-diesem-artikel, as of July 2, 2024) are being observed.

12.7. Google's privacy policy can be found under: policies.google.com/privacy, as of July 2, 2024.

12.8. The systems, applications, people, technologies, processes and data centers behind a variety of Google products, including Google Analytics, are ISO 27001 certified. Regarding the certification, see: support.google.com/analytics/answer/3407084, as of July 2, 2024. Regarding ISO 27001, see: www.iso.org/standard/27001.

12.9. Google Analytics primarily uses its own cookies to record your interactions on our website. You can disable cookies or delete them individually. Google Analytics also supports an optional browser add-on (see tools.google.com/dlpage/gaoptout/. If you install and activate it, Google Analytics will not collect your data when you visit websites. However, the add-on deactivates data collection by Google Analytics only. If a website or app uses the Google Analytics for Apps SDK or the Google Analytics for Firebase SDK, an app instance ID is recorded in Google Analytics. This is a randomly generated number that identifies a single app installation. If a user resets their advertising ID on Android or iOS, the app instance ID is also reset.

12.10. Google Analytics sets its own cookies and collects data about the device or browser, IP addresses and website or app activities as follows. This is used to analyze and generate reports on user interactions on websites and in apps that use Google Analytics. By default, location and device data are being collected, namely: city, latitude (of the city), longitude (of the city), minor version of the browser, user agent string of the browser, device brand, device model, device name, minor version of the operating system, minor version of the platform, screen resolution. Regarding IP addresses, see clause 11.11 below.

12.11. IP anonymization is carried out, but the IP address is shortened by the last octet. In principle, Google Analytics deletes all IP addresses collected from users in the EU before they are recorded via EU domains and servers. IP address data is used to derive location data for clause 11.10 above and immediately deleted thereafter. The location indicated by the IP address is decisive.

12.12. The data retention period on Google servers is 1 year. We will delete your data from Google Analytics upon request by sending your ID to Google Analytics User Deletion API or using the User Explorer report. However, the aggregated data associated with you, such as page URLs visited, will not be deleted. We can use the User Explorer report or the User Activity API to retrieve event data for your ID. This allows us to analyze and export data at the event level for individual users.

12.13. Our website uses Google Ads in conjunction with Google Analytics 4 and the data collected by it. The provisions set out above for Google Analytics 4 apply accordingly. Anonymous statistics are created by using cookies to record the traffic from Google Ads placed on our website. You can disable this feature in the advertising settings and change your preferences for this cookie.

12.14. Our website uses Google Maps to display maps and/or travel directions. If you use the displayed plugin, data such as your IP address and other data that connects it with the use of our website may be collected and stored on Google servers and cookies may be set. The data protection declaration in clause 11.7 above applies.

13. DATA SHARING

13.1. We do not transfer your personal data to third parties for purposes other than those listed below. 

13.2. We only disclose your personal data to third parties if:

You have given your express consent to do so in accordance with lit. a of Art. 6 para. 1 1st. sentence of theGDPR, disclosure is required in accordance with lit. f of Art. 6 para. 1 1st. sentence of the GDPR to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in the non-disclosure of your data, in the event that there is a legal obligation for the disclosure according to lit. c of Art. 6 para. 1 1st. sentence of the GDPR, as well as this is legally permissible and required for the processing of contractual relationships with you according to lit. b of Art. 6 para. 1 1st. sentence 1 of the GDPR. 

14. RIGHTS OF THE DATA SUBJECT

You have the right: 

- in accordance with Art. 15 of the GDPR, to request information about your personal data processed by us. In particular, you may request information about the purposes of the processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data, if not collected by us, and the existence of automated decision-making including profiling and, where applicable, meaningful information about the details thereof;

- to demand, in accordance with Art. 16 of the GDPR, the immediate rectification of incorrect or incomplete personal data stored by us;

- to request the erasure of your personal data stored by us in accordance with Art. 17 of the GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;

- to request the restriction of the processing of your personal data in accordance with Art. 18 of the GDPR, insofar as the accuracy of the data is contested by you, the processing is unlawful but you refuse to allow its erasure and we no longer require the data, but you require it for the assertion, exercise or defense of legal claims or you have objected to the processing in accordance with Art. 21 of the GDPR;

- in accordance with Art. 20 of the GDPR, to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller;

- in accordance with Art. 7 para. 3 of the GDPR, to withdraw your consent to us at any time. As a result, we are no longer allowed to continue the data processing based on this consent in the future, and

- in accordance with Art. 77 of the GDPR, to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your place of habitual residence or place of work or our company headquarters for this purpose.

- to object to the processing of your personal data in accordance with Art. 21 of the GDPR, provided that your personal data are processed based on legitimate interests in accordance with lit. f of Art. 6 para. 1 1st. sentence of the GDPR and provided that there are reasons for this that arise from your particular situation (right to object).

If you wish to exercise your right to object, please write to:
MPRINT Morlock Gmbh + Co. KG
Ruhesteinstraße 349
DE-72270 Baiersbronn

Fax.: +49 7442 4979-150
E-Mail: info@mprint.de

15. NO AUTOMATED DECISION-MAKING

We do not use the data collected to make automated decisions.

16. UP-TO-DATE-NESS, AMENDMENTS TO THIS PRIVACY UP-TO-DATE-NESS, AMENDMENTS TO THIS PRIVACY STATEMENT  STATEMENT

This present Privacy Statement is currently valid and was last updated in November 2024. It may become necessary to amend this Privacy Statement as a result of further development of our website or due to changes in legal or official requirements. You can access and print out the latest and currently valid privacy statement at any time on the website under “Privacy Statement”.