If you have any questions about your privacy when using our website, please contact firstname.lastname@example.org.
The data protection declaration of MĀRA is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our data protection declaration should be legible and understandable for the general public, as well as our customers and business partners. To ensure this, we would like to first explain the terminology used.
In this data protection declaration, we use, inter alia, the following terms:
Personal data means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Data subject is any identified or identifiable natural person, whose personal data is processed by the controller responsible for the processing.
Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of limiting their processing in the future.
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
Pseudonymisation is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
Controller or controller responsible for the processing
Controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Recipient is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
Third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
Consent of the data subject is any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
Name and address of the controller
Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:
What personal information we collect
We collect any personal information you voluntarily give us and that personally identifies you including contact information such as your name, email address, address or company address, phone number and other information about yourself and/or your business.
Methods of collection
We collect personal information from you when you submit online forms on our website, email us with an enquiry, or call us.
We also collect information automatically about your visit to our website, which may become paired with your personal information, please see our cookies section for more information.
How we use your personal information
We may process your personal information to:
1. Improve your experience when using our website by personalizing the content you see
2. Send you information by email, post or other means, relating to our business
3. Maintain internal records
Our lawful basis for processing your information in this way is our legitimate interest in marketing our services to you.
We will never sell your personal information to any third party and will not share your data with any other data controllers unless compelled to do so by law.
Our use of your personal data may include occasional email marketing.
You may opt out of any of our email marketing types using the email preferences center accessible from links at the bottom of any marketing email we send, or by contact email@example.com.
If you would like to receive our newsletter, we require a valid email address as well as information that allows us to verify that you are the owner of the specified email address and that you agree to receive this newsletter. No additional data is collected or is only collected on a voluntary basis. We only use this data to send the requested information and do not pass it on to third parties.
We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1) (a) GDPR. You can revoke consent to the storage of your data and email address as well as their use for sending the newsletter at any time, e.g. through the “unsubscribe” link in the newsletter. The data processed before we receive your request may still be legally processed.
The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel your subscription when said data will be deleted. Data we have stored for other purposes (e.g. email addresses for a member area) remain unaffected.
We use an external service provider, HubSpot Email, for the technical distribution of the newsletter. HubSpot Email is a service provided by HubSpot, Inc., for managing e-mail addresses and sending messages. Hubspot is certified under the EU-US Privacy Shield. HubSpot processes your data exclusively on our behalf and in accordance with our instructions (and is thus what is referred to as a “processor” in accordance with Article 28 GDPR); it has also taken appropriate technical and organizational steps to protect your rights.
Data processing in the context of further online presences
If you communicate with us through these online presences, we will process the data in your messages and posts based on the content contained therein, and based on the purposes pursued with the communication, on the basis of either Article 6 (1) (1) (b) GDPR or Article 6 (1) (1) (f) GDPR.
We are represented in the following online platforms:
Facebook page is used for active communication with our customers and prospective customers. We may use this platform to provide information about our events. When you visit our Facebook page, your data can be automatically collected and stored for purposes of market research and advertising. These data are used, along with pseudonyms, to create what are known as “user profiles.” For this purpose, the cookies typically placed on your device store a record of visitor behavior and the user interests. Facebook provides further information on this under the following link: https://www.facebook.com/help/pages/insights.
Within the framework of a balancing of interests, the statistical information provided by Facebook about the use of the Facebook page (“Facebook Insights”) is used in accordance with Art. 6 (1) (f) GDPR in exercise of our overriding legitimate interest in an optimized presentation of our offerings and effective communication with customers and prospective customers.
Data are processed on the basis of an agreement between joint controllers in accordance with Art. 26 GDPR. This agreement can be consulted here:
Facebook has its registered office in the USA. The European Commission has passed an adequacy decision the USA. This goes back to the EU-US Privacy Shield, to which Facebook has submitted: https://www.privacyshield.gov/EU-US-Framework. You can find a link to the opt-out here: https://www.facebook.com/settings?tab=ads
You’ll find privacy information at Twitter (Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA) here: www.twitter.com/privacy.
If you would like to object to future data collection by Twitter, you can set an opt-out cookie here: https://twitter.com/personalization
Insofar as data are processed outside the EEA, where there is no level of data protection in place that satisfies the European Standard, this is done on the basis of the EU-US Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO
Information about data protection at Instagram (Instagram LLC., 1601 Willow Road, Menlo Park, CA 94025, USA) and an opportunity to object can be found here: http://instagram.com/about/legal/privacy/
Pinterest complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. Information about data protection at Pinterest (Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland) can be found here: https://policy.pinterest.com/en/privacy-policy
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
Access to your personal information
You have the right to access any information we hold about you.
To request access please email firstname.lastname@example.org using the email address we hold for you or otherwise proving your identity.
We will provide the information free of charge and within one month.
Rectification of personal information
If any of the information we hold on you is inaccurate or incomplete, you make ask us to correct or complete it at any time.
Your right of erasure, or to be forgotten
You may request the deletion of any email we hold on you at any time.
Be aware that requesting deletion, unlike unsubscribing from specific emails, is total and irreversible. This means that we will also lose record of you having ever been on our systems, including any previous instructions you have given us opting out of specific emails types. If you re-join our systems, by voluntarily providing your personal information, you will appear to us as a completely new data subject. This does not affect your other rights in any way.
To request deletion of your personal information, contact info@MĀRA.com using the email address we hold for you or otherwise proving your identity.
We will delete your information for free and within one month of receiving your request.
Cookies are very small text files that are stored on your computer when you visit some websites.
We use a combination of session cookies and persistent cookies in order to track how you use and experience our website, build anonymous statistical data about how our website is performing, and to power the personalization of website content to you.
The types of cookie you can expect to see in use on our website are from:
• HubSpot – our marketing automation and CRM system
• Cloudflare – web performance and security software deployed by HubSpot
• Google Analytics – statistical analysis of website performance
• Facebook – advertising and targeting provider
• Hotjar – anonymous visitor recordings and interaction heatmaps
Plugins and Tools
Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited. If you’re logged in to your YouTube account, YouTube allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.
YouTube is used to help make our website appealing. This constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR.
Further information about handling user data, can be found in the data protection declaration of YouTube under https://www.google.de/intl/de/policies/privacy.
Social Media Features
If you do not want these companies to associate your visit to our site with your account, please log out of your account.
Shariff Share Buttons in News
In order to prevent data from being transferred to service providers without the user’s knowledge, we use the so-called Shariff solution in our blog articles. This solution ensures that no personal data is initially passed on to the providers of the individual social plug-ins when you visit our websites. Only when you click on one of the buttons of the social plugins can data be transferred to the service provider and saved there. More information about the Shariff solution can be found at https://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html (in German).
The cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited. This information is completely anonymous. Information on how to opt out of Google Analytics can be found at https://tools.google.com/dlpage/gaoptout
Google Web Fonts
For uniform representation of fonts, this page uses web fonts provided by Google. When you open a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.
For this purpose your browser has to establish a direct connection to Google servers. Google thus becomes aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and attractive presentation of our website. This constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR.
If your browser does not support web fonts, a standard font is used by your computer.
This site uses the Google Maps map service via iframe. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Thus, when you visit our pages about the plugin a direct connection can be established between your browser and the Google server. This enables Google to receive information that you have visited our site. This means that Google can associate visits to our pages with your user account.
The use of Google Maps is in the interest of making our website appealing and to facilitate the location of places specified by us on the website. This constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR.
Further information about handling user data, can be found in the data protection declaration of Google at https://www.google.de/intl/de/policies/privacy/.
If you do not want Google to associate your visit to our site with your Google account, please log out of your Google account.
We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our websites. This service is provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”).
reCAPTCHA is used to check whether the data entered on our website (such as on a contact form) has been entered by a human or by an automated program. To do this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis starts automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, how long the visitor has been on the website, or mouse movements made by the user). The data collected during the analysis will be forwarded to Google.
The reCAPTCHA analyses take place completely in the background. Website visitors are not advised that such an analysis is taking place.
Data processing is based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in protecting its site from abusive automated crawling and spam.
We use SurveyMonkey (SurveyMonkey Europe UC, 2nd Floor, 2 Shelbourne Buildings, Shelbourne Road, Dublin, Ireland) to conduct surveys. We conduct the surveys in order to continuously improve our range of services according to your feedback. That’s why your opinion is very important to us. If you decide to participate in the survey, SurveyMonkey will collect information about your device, IP address, the version of your operating system, and information on the browser type.
As part of the survey, we may query the gender, age, status and position of the participants for purely statistical purposes. We do this in order to be able to include social components in assessments of the results and to optimize them accordingly. In addition, you may voluntarily provide your first and last name as well as an e-mail address (“voluntary information”). We usually request this information when we offer a prize drawing among the participants. We need your voluntary information in order to contact you in the event that you win a prize. However, this information will be deleted once the prize drawing is completed.
The processing of your data is based on consent, Art. 6 (1) (a). Participation is on a voluntary basis.
You can contact us at any time to request erasure of your survey data, including personal data. Individual responses cannot be corrected after the fact once the survey has been submitted, however.
SurveyMonkey collects your information on our behalf in order to create reports with which we can analyze your satisfaction with our services offering and evaluate your suggestions.
You can opt-out to the creation of a user profile, Hotjar’s storing of data about your usage of our site and Hotjar’s use of tracking cookies on other websites by following this opt-out link: https://www.hotjar.com/legal/compliance/opt-out.
HubSpot uses a tracking tool to help us determine how many of you have opened our newsletters and which of the links they contain have been clicked. HubSpot is a service of Hubspot Inc., is an American company with a branch in Ireland (Contact: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland, Tel.: +353 1 5187500). HubSpot is certified under the EU-US Privacy Shield. Technical information is collected in the course of this, such as information about your browser, the system you use and your IP address and time of retrieval. This information is used for the technical improvement of the services. The legal basis for this is Article 6 (1) (1) (f) GDPR, since we have a legitimate interest in learning user behavior as it involves the opening of our newsletters. This permits us to optimize our services and to operate the newsletter service economically as well.
If you do not want Spotify to associate your visit to our site with your Spotify account, please log out of your Spotify account.
The California Consumer Privacy Act (CCPA) requires us to disclose categories of Personal Information we collect and how we use it, the categories of sources from whom we collect Personal Information, and the third parties with whom we share it, which we have explained above.
We are also required to communicate information about rights California residents have under California law. You may exercise the following rights:
Right to Know and Access
You may submit a verifiable request for information regarding the: (1) categories of Personal Information we collect, use, or share; (2) purposes for which categories of Personal Information are collected or used by us; (3) categories of sources from which we collect Personal Information; and (4) specific pieces of Personal Information we have collected about you.
Right to Equal Service
We will not discriminate against you if you exercise your privacy rights.
Right to Delete
You may submit a verifiable request to close your account and we will delete Personal Information about you that we have collected.
We do not sell the Personal Information of our users.
We use and disclose this information for the business purposes described in this policy, including to: audit our Service, detect security incidents and prevent fraud, debug and repair errors, maintain your account, provide customer service, process or fulfill orders, conduct research and development and other activities to improve our Service, show advertising, market our Services, and understand how users interact with our Services.
MĀRA may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from 04/06/2020.