Data Privacy Statement
We are pleased to welcome you to our website and with your interest in m3 management consulting GmbH. Not only is offering our customers end-to-end support very important to us, but so is ensuring that your personal information is protected.
The following explains the actions we take when you visit our website – naturally in compliance with applicable data security regulations, which information we collect and how we process it.
Should our data privacy statement change, it will be updated on this page in order to keep you informed as to which data m3 management consulting GmbH stores and uses.
The most important data privacy information can be found below. We have organized the information by topic.
I. Name and address of the responsible party
Responsible for the collection, processing and use of your personal data pursuant to the EU General Data Protection Regulation is:
m3 management consulting GmbH
Robert-Bürkle-Strasse 1
85737 Ismaning
Germany
Telephone: +49 89 1392850-0
Telefax: +49 89 1392850-13
E-mail: info@m3maco.com
Should you wish to object to the collection, processing or use of your data by m3 management consulting GmbH as set forth in these data privacy policies as a whole or in regard to specific measures, please e-mail, fax or mail your objection to the aforementioned address.
II. Name and address of the data protection officer
Data protection officer of the responsible party is:
Andreas Bröcking
m3 management consulting GmbH
Robert-Bürkle-Strasse 1
85737 Ismaning
Germany
Fax: +49 89 1392850-13
E-mail: Datenschutz@m3maco.com
III. General information on data processing
1. Why we use data
We wish to constantly improve our offers and make them more attractive. The only way for us to optimize the contents of the msg Internet sites to better meet your demands is to identify which sections of our Internet sites are most commonly visited and on which the most time is spent. Should you entrust us with your personal information, m3 management consulting GmbH shall use such for the technical administration of the websites, customer management, product surveys and marketing; however, we shall only do so to the extent that is necessary. The more we understand what you want, the faster you will be able to find the information you are looking for on our Internet sites.
2. Information on the collection of personal information
Visiting websites of the msg group is possible in principle without the transfer of personal data. This, however, requires that only the minimum setting be selected in the cookie window upon your first visit.
Data approved by you for our analysis is generally only recorded anonymously and passed on to analysis services. You can also define the selection of service providers yourself.
In the following, we inform you about the collection of personal data when using our forms on the websites. Personal data is all data that can be related to you personally, e.g., name, address, e-mail addresses, user behavior.
If you request information on our pages, which we only provide to customers and interested parties, or if you wish to take advantage of a personalized consulting service, you will be asked to provide personal information such as name, address or telephone number. This data is subject to special provisions, which you are expressly advised of before submitting your data/request to us and which you confirm by submitting it to us:
“I hereby consent to my personal information (including my telephone number and/or e-mail address) being collected, processed and used for the purpose of contract processing and/or potential customer opportunities, surveys and information. Any forwarding to third-parties, with the exception of the companies of the msg group, is excluded. I have the right to revoke this consent from m3 management consulting GmbH, 85737 Ismaning/Munich, at any time.”
In addition to the information you share with us, we also analyze how you use our services and offers in order to lead you to the information that might interest you more quickly and in order to constantly optimize our service.
3. Legal basis for processing personal information
Numeral 6, Para. 1, Item a of the General Data Protection Regulation (GDPR) forms the legal basis for any consent we obtain from relevant persons for the operations involved in processing personal information.
Numeral 6, Para. 1, Item b of the General Data Protection Regulation (GDPR) forms the legal basis for the processing of personal information in order to fulfill a contract when the relevant person is one of the contract parties. This includes processing operations necessary to complete measures that precede the contract.
Numeral 6, Para. 1, Item c of the General Data Protection Regulation (GDPR) forms the legal basis for the processing of personal information to the extent such is necessary in order to comply with legal obligations to which our company is subject.
Numeral 6, Para. 1, Item f of the General Data Protection Regulation (GDPR) forms the legal basis for any processing necessary to ensure a legitimate interest of our company or a third party, as long as such do not outweigh the interests, fundamental rights and fundamental freedoms of the person in question.
4. Data deletion and retention period
The personal information of the relevant person shall be deleted or locked as soon as the purpose for which such was stored is no longer applicable. Storage beyond such is possible if provided by European or national lawmakers in laws or other regulations to which the responsible party is subject under Union law. Data shall also be locked or deleted once the retention period prescribed in the given norms expires, unless storage of the data is still required in order to conclude or fulfill a contract.
IV. Use of cookies and third-party services
1. Description and scope of data collection
Consent to the use of services is given through Usercentrics Consent Management. A visit to the msg websites is not possible without prior selection and confirmation of the services used. The settings selected by the user can be extended and/or revoked at any time.
2. Usercentrics Consent Management Platform
To view the full privacy policy, you must deactivate your pop-up blocker.
3. Online applications
Any information you provide when applying for a position using our online application form will be stored in our applicant management system. m3 management consulting GmbH does not share said data with third parties outside the group of companies.
More information on online applications can be found in the data privacy statement of our applicant management system at https://www.m3maco.com/en/data-privacy-recruiting.
V. User registration
1. Description and scope of the data collection
Our Internet site offers users the option to register by providing personal information (e.g., in order to register for events or career events). During that process, information is entered on an input screen and transmitted to us in encrypted form and stored. The information is not shared with third parties outside the group of companies. The following information is collected during the registration process:
- Form of address (required field)
- First name (required field)
- Last name (required field)
- E-mail (required field)
Further personal information may be requested depending on the event.
The user’s consent to having this information processed is obtained during the registration process.
2. Legal basis for the data processing
Legal basis for processing information once the user’s consent has been obtained is Numeral 6, Para. 1, Item a of the General Data Protection Regulation (GDPR).
3. Purpose of the data processing
User registration is required for the provision of certain content and services on our website, such as:
- Registering for events or career events (e.g., university fairs)
- Publication requests (e.g., customer magazines, studies or whitepapers)
- Feedback on the “Public Sector” customer magazine
VI. Rights held by the affected person
Anytime your personal information is processed you are considered an affected person pursuant to the GDPR and you have the following rights in connection with the responsible party:
1. Right to disclosure
You have the right to request information on the scope, origin and recipient of stored information, as well as the purpose of the storage, at no charge to you.
2. Right to correction
You have the right to demand a correction and/or completion from the responsible party should the processed personal information related to you be incorrect or incomplete. The responsible party must make the corrections without delay.
3. Right to deletion
You have the right to request that the responsible party immediately delete any personal information related to you and the responsible party is required to delete said data without delay should any of the following reasons apply:
(1) The personal information related to you is no longer required for the purpose it was collected or processed in any other manner.
(2) You revoke the consent on which the processing was based pursuant to Numeral 6, Para. 1, Item a or Numeral 9, Para. 2, Item a of the General Data Protection Regulation (GDPR) and there is no other legal basis for the processing.
(3) You submit an objection to the processing pursuant to Numeral 21, Para. 1 of the General Data Protection Regulation (GDPR) and no legitimate reasons for the processing that have precedence over your objection exist, or you submit an objection to the processing pursuant to Numeral 21, Para. 2 of the General Data Protection Regulation (GDPR).
(4) The personal information related to you was processed unlawfully.
(5) The deletion of the personal information related to you is necessary in order to meet a legal obligation under Union law or the law of the member states to which the responsible party is subject.
(6) The personal information related to you was collected in relation to services offered by the information company pursuant to Numeral 8, Para. 1 of the General Data Protection Regulation (GDPR).
4. Right to data portability
You have the right to obtain the personal information related to you and which you shared with the responsible party in a structured, commonly used and machine-readable format.
5. Right of objection
You have the right, for reasons arising from your particular situation, to object to the processing of personal information related to you, which was being processed pursuant to Numeral 6, Para. 1, Item e or f of the General Data Protection Regulation (GDPR), at any time; this includes any profiling based on these policies.
The responsible party will cease processing any personal information related to you unless they can provide proof urgent, protection-worthy reasons for the processing that outweigh your interests, rights and freedoms or unless the processing serves the enforcement, exercising or defense of legitimate claims.
You have the right to revoke your privacy consent statement at any time. Revoking your consent shall not affect the legitimacy of the processing that was performed with your consent up to the time your consent was revoked.
6. Right to submit complaint to supervisory body
Notwithstanding other administrative or legal remedy, you will generally have the right to submit a complaint to a supervisory body, specifically in the member state of your place of residence, your place of employment or the location of the alleged breach, if you are of the opinion that the processing of the personal information related to you violates the GDPR.
The supervisory body to which the complaint is submitted shall inform the complainant of the status and results of the complaint, including the option of legal remedy pursuant to Numeral 78 of the GDPR.
Version: 01/09/2022