Data Privacy

Welcome to our website and thank you for your interest in our company. We take the protection of your personal data very seriously. We process your personal data in compliance with the applicable statutes and regulations regarding the protection of personal data, in particular the EU General Data Protection Regulation (GDPR) and the country-specific implementing legislation. This data privacy statement contains all you need to know about the processing of your personal data by the companies of the Mayer Group and the rights to which you are entitled.

Personal data is defined as data that enables the identification of a natural person. It includes, in particular, name, date of birth, address, telephone number, e-mail address and IP address.

Data is said to be anonymous if it cannot be assigned to a particular user.

Data controller and data protection officer

Mayer-Kuvert-network GmbH
Wannenäckerstraße 65
74078 Heilbronn

Telephone: 07131 / 728 0
Fax: 0 7131 / 172 675
E-mail: srvcmyr-ntwrkcm

Contact information for data protection officer:
dtnschtzmk-ncm

Our website only uses cookies which are technically necessary. These cookies make our web services more secure, effective and user-friendly and are essential when it comes to operating the website and making sure it remains functional. Cookies are small text files that are sent to your terminal device and stored there. The legal basis for the storage of cookies is our legitimate interest in the operation of our website (Art. 6(1), sentence 1, lit. f GDPR). We also use cookies without your consent provided their sole purpose is for storing and accessing information on your terminal device in order to send a message, or if they are essential for the rendering of any service you have expressly requested (§ 25(2) TDDDG [Telecommunications and Digital Services Data Protection Act]).

We only use our own cookies.
The session cookies used are only valid for one browser session. They are deleted when the browser window is closed. These cookies are used solely for purposes of website management (e.g. remembering which menu items have been opened).

Most web browsers accept cookies automatically. You can, of course, deactivate, restrict or even delete the cookies on your terminal device by changing your browser settings accordingly or using appropriate software.

This cookie policy has been created and updated by CookieFirst.com.

Your rights as a data subject

To begin with, we would like to inform you of your rights as a data subject. These rights are regulated in Art. 15-22 GDPR. They include:

• the right of access (Art. 15 GDPR),
• the right to erasure (Art. 17 GDPR),
• the right to rectification (Art. 16 GDPR),
• the right to data portability (Art. 20 GDPR),
• the right to restriction of data processing (Art. 18 GDPR),
• the right to object to data processing (Art. 21 GDPR).

Please contact dtnschtzmk-ncm if you wish to exercise any of these rights. The same applies if you have any questions about how our company processes data. You also have the right to lodge a complaint with a data protection supervisory authority.

Rights to object

Please note the following with regard to rights to object:
If we are processing your personal data for purposes of direct marketing, you have the right to object to this form of data processing at any time without giving any reasons. The same applies to any profiling carried out in connection with our direct marketing activities.
Once we receive your objection, we will cease processing your personal data for these purposes. You can lodge an objection informally and free of charge, preferably by sending an e-mail to: dtnschtzmk-ncm.

If we process your data to protect our legitimate interests, you may object to this processing at any time for reasons arising from your specific situation; the same applies to any profiling based on these provisions.
We will cease processing your personal data as soon as we receive your objection unless we can demonstrate compulsory grounds for the processing that are worthy of protection and outweigh your interests, rights, and freedoms, or unless the processing is necessary to assert, exercise or defend legal claims.

Your personal data is processed in compliance with the provisions set out in the GDPR, the German Data Protection Act (BDSG), and all other applicable data protection legislation. The legal bases for the processing of your data are defined first and foremost in Art. 6 GDPR.

We use your data to initiate business transactions, to fulfil legal and contractual obligations, to execute contracts, to offer products and services, and to strengthen our customer relations. These activities may also encompass direct marketing and the performance of analyses for marketing purposes.
Your consent also constitutes a granting of permission within the meaning of data protection law. In these situations, we inform you of the purposes of the data processing and your right to object. If your consent is also required for the processing of special categories of personal data, we will expressly call your attention to this when we request it.

Special categories of personal data within the meaning of Art. 9(1) GDPR are only processed if this is required by law and if there is no reason to assume that the processing is outweighed by your legitimate interest in excluding the data from processing.

Transfer to third parties

We will only transfer your data to third parties if this falls within the framework of the law or if you consent to us doing so. Otherwise, your data will not be transferred to any third party unless mandatory provisions of law oblige us to do so (transfer to external bodies such as supervisory authorities or law enforcement agencies).

Data recipients / categories of recipients

We ensure that your data is only made available to those persons within our company who require it in order to fulfil our contractual and statutory obligations.

In many cases, we engage service providers to support our specialist departments in the performance of their tasks. The necessary data protection agreements have been concluded with all these service providers. Most of the service providers contracted by our company are printers, print processors, logistic experts, paper manufacturers and credit insurers.

Secure transfer of your data

We take appropriate technical and organisational security measures to protect the stored data as effectively as possible from accidental or intentional manipulation, loss, destruction or unauthorised access. Security levels are continually reviewed and adapted to new security standards in cooperation with security experts.

Data sent to and from our website is encrypted before transmission. We offer HTTPS as the transmission protocol for our web presence, using the current encryption protocols in each case. You also have the option of using alternative communication channels (e.g. postal mail).

Transfer to third countries / intention to transfer to a third country

Data is only transferred to third countries (outside the European Union or the European Economic Area) if this is necessary for executing the contract, if it is required by law, or if you have consented to us doing so (Art. 49(1), sentence 1, lit. a EU GDPR). In cases like these, you will be informed separately of the associated risks when we request your consent.

Furthermore, please note that your data may be processed outside the European Union. Compliance with the European data protection standards for data transfer and processing in third countries is ensured through contractual agreements and the certification of service providers (e.g., under the US-EU Data Privacy Framework. Data may also be processed and/or stored in third countries on the basis of your consent (Art. 49(1), sentence 1, lit. a GDPR). In cases like these, you will be informed separately of this, and of the option to object, when your consent is requested.

Data storage period

We will store your data for as long as it is needed for the respective processing purpose. Please note that there are a number of statutory retention periods which require that your data may (have to) be stored for longer. This applies in particular to retention periods under commercial and tax law (e.g. the German Commercial Code, German Fiscal Code, etc.). Data is routinely erased when it is no longer needed except in cases where we are obliged to keep the data on file for longer. We may also retain your data if you have given us your permission to do so, or if legal disputes arise and your data is needed as evidence within the framework of statutory limitation periods, which may amount to up to thirty years; the regular limitation period is three years.

Obligation to provide data

Various types of personal data are required to establish, implement and terminate the contract and to fulfil the associated contractual and statutory obligations. The same applies to the use of our website and the various functions it offers.

We have summarised the relevant details above. In certain cases, data may also have to be collected or made available for legal reasons. Please note that we cannot deal with your request or execute the underlying contract unless this data is provided.

Categories, sources and origin of data

The data we process is determined by the respective context. It depends for example on whether you are placing an order online, entering an enquiry in our contact form, sending us an application, or making a complaint.

Please note that we may also provide information regarding specific processing situations in the appropriate places, e.g. when you upload application documents or send us a contact request.
When you visit our website, we collect and process the following data:

The IP address assigned and log files generated by your internet service provider. This data is stored for technical security reasons (in particular to prevent attacks on our web server) in accordance with Art. 6(1), sentence 1, lit. f GDPR. The data is stored for seven days, while the access log files are stored for 14 days.

Contact form / e-mail contact (Art. 6(1)(a) (b) GDPR)

Our website contains a contact form that you can use to get in touch with us electronically. If you use the contact form to write to us, we will process the data you enter into the contact form to contact you and respond to your queries and requests.

In compliance with the principle of data minimisation and data avoidance, you are only required to provide the data that is essential to us for establishing personalised contact with you. This consists of your e-mail address, your name, the subject field and the message itself. We also process your IP address out of technical necessity and for purposes of legal protection. All other data fields are optional, and you may choose whether to enter your information into them (e.g. so that we can answer your questions more individually).
If you contact us by e-mail, we will process the personal data you disclose in your mail solely for the purpose of responding to your query. If you do not contact us using the forms provided, no other data will be collected.
When you send us a contact request, we collect and process the following data:
• Surname, first name
• Company name
• Contact data (address, telephone number and email address)
• Message

We embed external fonts (Google Fonts) into the e-mails sent in response to contact requests (confirmation e-mails). Google Fonts is a service provided by Google Inc. ("Google"). These fonts are embedded by accessing a server, usually a Google server in the USA. During this process, Google stores the IP address of the terminal device used to access the e-mail. Further information is provided in Google’s data privacy policy, which you can view here:

https://fonts.google.com/knowledge

www.google.com/policies/privacy/

We use Google Fonts in the interest of presenting our mails in a uniform and appealing manner. This is a legitimate interest within the meaning of Art. 6(1), sentence 1, lit. f GDPR.

Google processes and stores your data in the USA. Google is contractually bound to comply with EU data protection standards and guarantee the level of data protection required in the EU. Data may also be processed and/or stored in third countries on the basis of your consent (Art. 49(1), sentence 1, lit. a GDPR). In cases like these, you will be informed of this separately when your consent is requested.

Comment function (Art. 6(1), sentence 1, lit. a, b GDPR)

Our website allows you to compose and publish comments on blog contributions. When you write a comment, we process the data you provide so that your comment can then be published. Your comments are reviewed before we decide whether to approve and publish them.

In general, we adhere to the principle of data minimisation and data avoidance by only requiring you to provide the data that is absolutely necessary for us to process your comments. This data consists of:

• your e-mail address
• your name
• your company’s name
• and the comment itself.

We also process your IP address out of technical necessity and for purposes of legal protection.

Comments are published under the article in question and remain there until the article is deleted. Articles are deleted no more than three years after publication.

WLW (Wer liefert was?)

We use the service WLW (Wer liefert was?/Who supplies what?) offered by Visable GmbH (ABC-Straße 21, 20354 Hamburg, Germany) on the basis of our legitimate interest in the effective analysis and marketing of our products and services.

This service uses tracking pixel technology to collect, process and store data for the purpose of generating usage profiles that are pseudonymised or even completely anonymised where this is possible and expedient. This data, which may also include personal data, is transmitted to or directly collected by Visable, who use it to generate the usage profiles described above.
Please note that accessing the web page causes the tracking pixel to load and connect with Visable GmbH’s servers and transmit personal connection data. They include:
• IP address
• URL
• Referrer
• User agent
• Timestamp

The legal basis for the processing of the data is our legitimate interest in technical realisation pursuant to Art. 6(1), sentence 1, lit. f GDPR. No analysis can be performed unless the data is transmitted first.
However, the personal data listed above is not subject to any further processing in connection with the WLW service. The IP address and timestamp alone are processed for matching purposes, i.e. they are compared against IP addresses known to belong to corporate networks and internet connections. Any resulting matches are assigned to the respective company’s visit to the web page. Personal data is not stored or processed since the further profiling relates exclusively to companies and legal entities. The data is anonymised when the connection with the company profiles is dissolved. Once this has taken place, it is no longer possible to draw conclusions about individual persons.
If there is no match, the data is deleted immediately. Visitors to this website are not personally identified at any time, neither are the usage profiles combined with any other personal data. Any IP addresses identified as personal are deleted immediately.

Further information about WLW and Visable’s data privacy policy is available at https://www.visable.com/de_de/datenschutz-20211221

Use of Matomo

This website uses the service of Matomo in order to analyze the usage of our website and regularly enhance our services. Using those statistics allow us to enhance our offering and make it more interesting for you as a user. Legal base for the use of Matomo is your consent according to Art. 6 para. 1 lit. a) GDPR.

Your consent can be revoked at any time with effect for the future. In order to do so, just toggle our consent-management by clicking on the fingerprint-button at the bottom left and revoke your consent. Please mind that such adjustments are to be made separately for each device.

The data is stored for 180 days. 

This website uses Matomo with the expansion „AnonymizeIP“. Therefore, IP-addresses are cut before further processing, so they cannot be linked to a specific person. The IP-address that is being transferred by your browser will not be combined with other data collected by us. Furthermore, Matomo does not use any cookies.

Matomo is an open-source-project. You can find privacy-information of the service provider at https://matomo.org/privacy-policy/.

Google reCAPTCHA

Our website uses the reCAPTCHA service provided by the company Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). This tool enables us to determine whether input on our website was provided by a human or entered improperly by automated machine-based processing. It does so by loading image files and other matching and security mechanisms from Google servers. This provides Google with information about your activities on the web page in which reCAPTCHA is embedded. Your ID address and any other data required by Google for the reCAPTCHA service is transferred to Google on the basis of our legitimate interest in establishing personal responsibility in the internet and preventing spam and improper use (Art. 6(1), sentence 1, lit. f GDPR).

Google processes your data in a third country, i.e. the USA. Through contractual agreements and certification under the US-EU Data Privacy Framework, compliance with European data protection standards for data transfer and processing in third countries is ensured. Data may also be processed and/or stored in third countries on the basis of your consent (Art. 49(1), sentence 1, lit. a GDPR).

Data processing in connection with Google reCAPTCHA involves the use of Google fonts which – like the reCAPTCHA content – are loaded from Google’s external servers. Connection and traffic data (e.g. your IP address) are transmitted to these external servers during the process. This data is processed solely for the purpose of executing Google reCAPTCHA in the form described here.

You may withdraw your consent to the transfer of your data to the USA at any time with future effect. Please note that you must withdraw your consent separately for each terminal device.

Further information about Google data privacy guidelines is available at https://www.google.com/intl/mt-de/policies/privacy/ .

Google Maps

This website uses Google Maps, a map service provided by Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”). This feature allows us to display interactive maps directly on the website and makes the map function more convenient to use. Your data (IP address, connection data) is processed and transferred to Google on the basis of your express consent as set out in Art. 6(1), sentence 1, lit. a EU GDPR.

You can give your consent directly when using the embedded maps. Once you have given your consent, information about your use of our website (e.g. your IP address) will be transferred to Google’s servers in the USA and stored there. This happens regardless of whether you are logged in to a Google user account or whether no such account exists. If you are logged in to Google, your data will be directly assigned to your account. If you do not wish your data to be associated with your Google profile, you must log out before clicking on the button. Google stores your data (even if you are not logged in) in the form of usage profiles and analyses these. This analysis is based on your consent pursuant to Art. 6(1), sentence 1, lit. a GDPR and enables Google to show personalised advertising, conduct market research and/or display the website in a manner suited to your requirements.

You can withdraw your consent at any time with future effect. To do this, just change the settings accordingly. Click on the “Deactivate” link immediately below the map to withdraw your consent to the use of Google Maps. Please note that this change must be made separately for each terminal device.

Some of the data processing activities carried out by Google for the purpose of displaying content take place outside the European Union and European Economic Area. Through contractual agreements and certification under the US-EU Data Privacy Framework, compliance with European data protection standards for data transfer and processing in third countries is ensured. Data may also be processed and/or stored in third countries on the basis of your consent (Art. 49(1), sentence 1, lit. a GDPR). In cases like these, you will be informed separately of this, and of the option to object, when your consent is requested.

If you do not wish to have your data transmitted to Google in the future when using Google Maps, you also have the option of deactivating the Google Maps web service entirely by disabling the JavaScript application in your browser. You will then no longer be able to use Google Maps or display maps on this website.

You will find more information about how Google collects and uses data in Google’s data privacy policy at https://www.google.com/privacypolicy.html. Google’s data privacy centre also offers you the option of changing your settings so that you can manage and protect the personal data processed by Google.

Automated individual decisions

We do not use purely automated processing workflows to make decisions.

Our website also contains clearly identifiable links to the websites of other companies. We have no control over the content of web pages linked from our website. We can therefore accept no responsibility or liability for this content. The provider or operator of the respective website is invariably responsible for that website’s content.

The linked pages were reviewed for potential and identifiable legal violations at the time the link was created. No illegal content was identifiable at that time. However, we cannot be reasonably expected to continually review the linked pages with no concrete indication that they may contain illegal content. Links of this type will be removed immediately if we become aware of any violations of the law.

Our website contains links to the social media services provided by Facebook, LinkedIn and Instagram. Links to social media websites are identified by the respective corporate logo. If you click on these links, you will reach Mayer-Kuvert-network GmbH’s corporate presence with the brand WUNDERHUB on the respective social media service. Clicking a link to a social media service establishes a connection with that service’s servers. These servers are then informed that you have visited our website. Other data is also transferred to the provider of the social media service. This may include:

• Address of the web page on which the activated link has been inserted
• Date and time at which the web page was accessed and the link activated
• Information about the browser and operating system used
• IP address
If you are already logged into the respective social media service when you activate the link, the provider of that service may be able to determine your user name and possibly even your real name from the data transferred and could then associate it with your personal user account. You can prevent this data from being associated with your personal account by logging out of your account beforehand.
The servers used by these social media services are located in the USA and other countries outside the European Union. This means that the provider of the respective social media service may also process your data in countries that are not members of the European Union. Please note that companies in these countries are subject to data protection legislation that may not afford personal data the same degree of protection as that required in the European Union member states.

Moreover, please be aware that we have no control over the scope, nature and purpose of the data processing activities performed by the provider of the respective social media service. You will find further information about how your data is used by the social media services embedded in our website in the respective service’s data privacy guideline.

Our social media presence

Mayer-Kuvert-network GmbH maintains various social media pages for the brand WUNDERHUB. These are mainly found on Facebook, Instagram and LinkedIn. Insofar as we are able to control the processing of your data, we make sure that the applicable data protection regulations are complied with.

See below for the most important information about data privacy law as it relates to our social media presence.

Names and addresses of the parties responsible for operations
Besides Mayer-Kuvert-network GmbH, the parties responsible for each corporate presence within the meaning of the EU General Data Protection Act (EU GDPR) are:

• Facebook (Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
• Instagram (Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland)
• LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland)

However, you use these platforms and their functions on your own responsibility. This applies in particular to the use of interactive functions (e.g. comments, shares, ratings).
Furthermore, please note that user data may be processed outside the European Union. This could constitute a risk, e.g. because it could be more difficult for users to assert their rights. Providers that process or store data in third countries are obliged to comply with European data protection standards through contractual agreements and certification under the US-EU Data Privacy Framework. Data may also be processed and/or stored in third countries on the basis of your consent (Art. 49(1), sentence 1, lit. a GDPR). In cases like these, you will be informed of this separately when your consent is requested.
We maintain the fan pages ourselves so that we can communicate with visitors and use this channel to inform them about our services.
We also collect data for statistical purposes so that we can develop and optimise our content and make our pages more appealing. The social media networks process the necessary data (e.g. the total number of page views, page activities, data provided by visitors, interactions) and place it at our disposal. We have no control over how it is generated and presented.
Providers of social media services also process your personal data for advertising and market research purposes. They may for example create usage profiles based on your user behaviour and the interests it reveals. These profiles can be used both in and outside the networks to display ads that match your interests. Cookies are usually stored on your computer for this purpose. However, data that was not collected directly from your terminal device can also be stored in your usage profiles. Data is also stored and analysed between multiple devices, in particular but not exclusively if you are registered as a member and have logged in to the respective platform. Otherwise, we do not collect or process any personal data in this context.
Mayer-Kuvert-network GmbH processes your personal data on the basis of our legitimate interest in efficient information and communication pursuant to Art. 6(1), sentence 1, lit. f EU GDPR.

If you are asked to consent to the processing of your data, i.e. if you declare your consent by clicking a button or similar (opt-in), the legal basis for the processing is Art. 6(1), sentence 1, lit. a., Art. 7 EU GDPR.

Your rights / right to object
If you are a member of a social media network and do not want the network to collect your data through our page and link it with your membership data, you must

• log out of the respective network before you access our fan page,
• delete the cookies on your device, and
• close and restart your browser.
Please note that this process must be carried out separately on each terminal device.
However, if you log back in, the network will again be able to identify you as a specific user.
Please refer to the following links for detailed information regarding the different types of processing and the options available for opting out:
• Facebook (Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) – privacy policy: https://www.facebook.com/about/privacy/
Opt-out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com
• Instagram (Meta Platforms Ireland Ltd., 1601 Willow Road, Menlo Park, CA, 94025, USA) – privacy policy/ opt-out: http://instagram.com/about/legal/privacy
• LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland) – privacy policy https://www.linkedin.com/legal/privacy-policy ,
Opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
In all, you have the following rights regarding the processing of your personal data:
• the right of access (Art. 15 GDPR),
• the right to erasure (Art. 17 GDPR),
• the right to rectification (Art. 16 GDPR),
• the right to data portability (Art. 20 GDPR),
• the right to restriction of data processing (Art. 18 GDPR),
• the right to object to data processing (Art. 21 GDPR).

You also have the right to lodge a complaint with a data protection supervisory authority.

However, since the company Mayer-Kuvert-network GmbH does not have full access to your personal data, you should contact the social media provider directly when exercising this right. These providers can access their users’ personal data and are thus able to provide relevant information and take appropriate measures.

We will of course try to support you if you still require assistance. Please contact datenschutz@mk-n.com

Advertising to regular customers (Art. 6 Abs. 1 lit. f DS-GVO)

Mayer-Kuvert-network GmbH is interested in maintaining a customer relationship with you and sending you information and offers relating to our products / services. This means we process your data in order to send you relevant information and offers by e-mail or postal mail.

If you do not wish us to do this, you can object to the use of your personal data for direct marketing purposes at any time; the same applies to any profiling associated with this direct marketing. If you lodge an objection, we will cease processing your data for this purpose.

You can send us your objection informally and free of charge without giving any reasons. We would prefer it if you did so by calling us on +49 7131 728 238, sending an e-mail to datenschutz@mk-n.com or writing to us at Mayer-Kuvert-network GmbH, Datenschutz [Data Protection], Wannenäckerstraße 65, 74078 Heilbronn.