Privacy Policy

  1. Home

§ 1 OMMAX - Websites

Thank you for your interest in our website. The protection of your personal data is important to us. Below you will find information on the handling of your data that is collected through your use of our website. Your data will be processed in accordance with the legal data protection regulations. Insofar as links are provided to other websites, we have neither influence nor control over the linked contents and the data protection regulations there. We recommend checking the data protection declarations on the linked websites to determine whether and to what extent personal data is collected, processed, used or made available to third parties.

§ 2 Summary

This Privacy Policy applies to all OMMAX websites. These include our corporate websites www.ommax.de, www.ommax-digital.com, www.ommax-marketing.com and www.ommax-consulting.com as well as other existing websites. This Privacy Policy describes how OMMAX collects and uses information that you provide when you visit our websites. It also describes the choices you have about how we use this information and how you can access and update it.

§ 3 Contact persons and responsibilities

Responsible entity within the meaning of data protection law:

OMMAX Ltd
Toni Stork

Kaulbachstraße 4
80539 Munich
Germany

digital@ommax.de
+49 89 2778 13-0

Headquarters: Munich, Registration Court: Munich Local Court, Registration Number: HRB 190936
Managing Directors: Toni Stork, Christiane Jauch, Dr. Stefan Sambol, Dr. Anja Konhäuser, Christian Brugger, Florian Ewald, Peter Makovitzky, Philipp Ortlieb, Sven Vörtmann

Contact details of the data protection officer:

Proliance GmbH,
Datenschutzbeauftragter,
Leopoldstrasse 21, 80802 München
datenschutzbeauftragter@datenschutzexperte.de

§ 4 Definition of personal data

Personal data is any information about the personal and actual circumstances of a particular or identifiable person. This information includes, for example, your name, e-mail address, postal address or telephone number. Information on the basis of which your identity cannot be determined without additional data is not included.

In the opinion of the supervisory authorities, IP addresses are, in particular, data that refer to personal data. The transmission of the IP address when accessing a website is a technical necessity. If necessary, the data is analysed for statistical purposes in anonymous and pseudonymised form. This means that it is not possible to identify you personally through this.

In principle, our data protection declaration should be simple and understandable for everyone. For this reason, our data protection declaration generally uses the official terms of the General Data Protection Regulation (GDPR). The official definitions are explained in Art. 4 GDPR.

§ 5 Data processing by visiting our website

When you visit our website, it is technically necessary that data is transmitted to our web server via your internet browser. The following data is recorded during a running connection for communication between your internet browser and our web server:

  • Visited domain
  • The date and time of the request
  • Page from which the file was requested
  • Access status (file transferred, file not found, etc.)
  • The web browser, system language, operating system and device type used
  • IP address of the requesting computer
  • The amount of data transferred

We collect the listed data to ensure a smooth connection to the website and to enable a comfortable use of our website by the users. In addition, the log file serves the purpose of evaluating system security and stability, as well as providing administrative functions. The legal basis for the temporary storage of data or log files is Art. 6 para. 1 a. GDPR.

§ 6 Storage of data

If we receive personal data from you, OMMAX will store it on a server and use it exclusively for the purposes for which you have transmitted it to us. All the servers used by OMMAX are located within the European Union. We comply with legal regulations both during transmission and after receipt, taking into account the state of the art and suitable technical and organisational measures to protect personal information and data transmitted to us. However, no transmission method over the internet or electronic storage method is one hundred percent secure. As a result, we cannot guarantee absolute safety.

§ 7 Newsletter

You can register on our website to receive our newsletter. We need your e-mail address for this. In addition, we must check whether you are actually the owner of the e-mail address provided and would like to receive the newsletter, taking into account the relevant legal regulations. We therefore collect information that makes such a check possible. The data collected in this context is used to send and receive the newsletter. It has no other purpose and will not be passed on to third parties. Apart from the information required for sending the newsletter, no other data is collected from our site. As the sending and receiving of the newsletter is dependent on your consent, you can revoke this consent to the collection and storage of your data at any time without giving reasons. Please use the "Unsubscribe-Link", which is provided in the newsletter.

The newsletter program provider is:

HubSpot, Inc.
25 First Street, 2nd Floor
Cambridge, MA 02141 USA

For further information see §14.

§ 8 Use of website analytics tools (web tracking)

Like most website operators, we also use analytics tools in the form of tracking software to determine the frequency of use and the number of users of our website. According to § 15 Abs. 3 TMG (German Telemedia Act) the service provider may create user profiles for purposes of advertising, market research and for the demand-oriented design of the website, provided that these are not combined with data about the owner of the pseudonym.

§ 9 Google Analytics

This website uses Google Analytics, an internet analysis service provided by Google Inc. "("Google"). Google Analytics uses so-called "cookies" and web beacons. The information generated in relation to the use of this website is transferred by default to a Google server in the USA and stored there. We use Google Analytics only with IP anonymization enabled. This means that Google will reduce the IP address of users within Member States of the European Union or in other signatory states to the Agreement on the European Economic Area, which may exclude any personal relationship. Google Inc., based in the USA, is certified for the US-European data protection agreement "Privacy Shield", which guarantees compliance with the data protection level applicable in the EU. If you have given your consent in accordance with Art. 6 Para. 1 S. 1 lit. a DSGVO, the processing on this website carried out for website analysis purposes.

On behalf of the operator of this website, Google will use this information to analyze your use of the website and to generate reports on website activity. Google also uses this information to provide other services related to the use of the website and the internet to the website operator. The IP address sent by your browser as part of Google Analytics is not combined with other Google data. The terms of use of Google Analytics and information on data protection can be accessed via the following links:

http://www.google.com/analytics/terms/de.html and athttps://www.google.de/intl/de/policies/

You can prevent cookies from being saved by adjusting the settings of your browser software accordingly. However, we must point out that in this case you will not be able to use all functions of this website without restrictions. You can also prevent Google from collecting the data generated by the cookie and analysing your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available at http://tools.google.com/dlpage/gaoptout?hl=en

Information on the handling of user data at Google Analytics can be found in Google's data protection declaration:

https://support.google.com/analytics/answer/6004245?hl=en

§ 10 Visual Website Optimizer

Within our online offer, based on our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer [within the meaning of Art. 6 para. 1 lit. f. DSGVO]) the service Visual Website Optimizer (an offer of Wingify Software Private Limited, 404, Gopal Heights, Netaji Subhash Place, Pitam Pura, Delhi 110034, India) is used. Visual Website Optimizer allows us to track the effect of different changes on a website (e.g. changes in input fields, design, etc.) within the framework of so-called "A/B testing", "click tracking" and "heat maps". A/B tests are used to improve the usability and performance of the OMMAX website for our users. For example, users are presented with different versions of a website or its elements, such as input forms, on which the placement of content or labels of navigation elements may differ. Then, based on the behavior of users, e.g., staying on the website longer or interacting with the elements more frequently, it can be determined which of these websites or elements are more likely to meet users' needs. "Click tracking" allows to overview users' movements while using the website. Since the results of these tests are more accurate when users' interactions can be tracked over time (e.g., being able to see if a user likes to return), cookies are usually stored on users' computers for these testing purposes. "Heatmaps" are mouse movements of users that are summarized to form an overall picture, which can be used, for example, to identify which website elements are preferred and which website elements users prefer less. Cookies are stored on users' devices only for these test purposes. Only anonymized user data is processed.

The privacy policy of VWO can be found at: https://vwo.com/privacy-policy/

§ 11 Facebook Plug-Ins

We use so-called social plug-ins of the facebook.com network, such as the "Like" button. These plug-ins are offered and operated by Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA, and clearly marked with the Facebook logo. An overview of the Facebook plugins can be found here: https://developers.facebook.com/docs/plugins/

This information (including your IP address) is transmitted directly from your browser to a server in the USA. If you interact with the plugins, for example by clicking the "I like" button or making a comment, this information is also transmitted directly to a Facebook server and stored there. The information is also published on your Facebook profile and displayed to your Facebook friends.

The described data processing processes take place in accordance with art. 6 par. 1 lit. f DSGVO on the basis of Facebook's legitimate interests in the insertion of personalised advertising in order to inform other users of the social network about your activities on our website and to design the service in line with your needs.

When you access a page that contains such a plug-in, your browser connects to Facebook's servers. The content of the plug-in is transmitted directly from Facebook to your browser and displayed accordingly in our environment. The provider therefore has no influence on the extent of the data that Facebook collects with the help of this plug-in and therefore informs users according to their level of knowledge: http://www.facebook.com/help/?faq=17512

Facebook may be able to track and associate your visit to our respective pages with a Facebook account if you are registered with Facebook or have recently visited a page on Facebook or with Facebook content. If you actively use plug-ins (e.g. press the like button), the corresponding information is also transmitted directly from your browser to Facebook without us having any influence on this. For more detailed information on the type, purpose and scope as well as the further processing and use of your data by Facebook, please refer to the data protection information on Facebook. There you will also learn more about your rights in this regard and the setting options for the protection of your privacy.

Privacy policy on Facebook: facebook.com/privacy/policy/

If you do not want Facebook to associate your visit to our pages with your Facebook account, please log out of your Facebook account. You can also object to the loading of the Facebook plugins and thus the data processing procedures described above with add-ons for your browser in the future, e.g. with the script blocker "NoScript" (https://noscript.net/).

Facebook Inc., based in the USA, is certified for the US European Privacy Shield, which guarantees compliance with the data protection level applicable in the EU.

For more information, please see Facebook's Privacy Policy at: facebook.com/privacy/policy/

§ 12 Twitter Plug-In

Our pages include functions of the Twitter service. These functions are provided by Twitter Inc, Twitter, Inc. 1355 Market St, Suite 900, San Francisco, CA 94103, USA. By using Twitter and the "Re-Tweet" function, the websites you visit are linked to your Twitter account and made known to other users. Data is also transmitted to Twitter.

We would like to point out that, as the provider of the pages, we are not aware of the content of the data transmitted or how it is used by Twitter. For more information, please see Twitter's privacy policy.

The described data processing procedures take place according to art. 6 par. 1 lit. f DSGVO on the basis of the legitimate interests of Twitter in the insertion of personalised advertising in order to inform other users of the social network about your activities on our website and for the demand-oriented design of the service.

You can also object to the loading of Twitter plug-ins and thus the data processing procedures described above with add-ons for your browser for the future, e.g. with the script blocker "NoScript" (https://noscript.net/).

Link to the privacy policy of Twitter: twitter.com/en/privacy

You can change your Twitter privacy settings in your account settings at https://twitter.com/settings/account

§ 13 LinkedIn

Within our online offer we use the marketing functions (so-called "LinkedIn Insight Tag") of the network LinkedIn. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Every time you visit one of our pages that contains functions of LinkedIn, a connection to LinkedIn's servers is established. LinkedIn is informed that you have visited our website with your IP address. With the help of the LinkedIn Insight Tag we can analyse the success of our campaigns within LinkedIn or determine target groups for them based on the interaction of the users with our online offer. If you are registered with LinkedIn, it is possible for LinkedIn to associate your interaction with our online service with your user account. Even if you click on the "Recommend-Button" from LinkedIn and are logged into your LinkedIn account, LinkedIn is able to assign your visit to our website to you and your user account. LinkedIn is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law.

The described data processing procedures take place according to art. 6 para. 1 lit. f DSGVO on the basis of the legitimate interests of LinkedIn in the insertion of personalised advertising in order to inform other users of the social network about your activities on our website and for the demand-oriented design of the service.

You can also object to the loading of the LinkedIn plug-ins and thus the data processing procedures described above with add-ons for your browser in the future, e.g. with the script blocker "NoScript" (https://noscript.net/).

(https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active). Privacy Policy: https://www.linkedin.com/legal/privacy-policy, Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

§ 14 HubSpot

We use HubSpot for our marketing activities. HubSpot is a software company from the USA with a branch in HubSpot Ireland Limited in Ground Floor, Two Dockland Central, Guild St, North Dock, Dublin, D01 R8H7, Ireland. We use this integrated software solution for our own marketing, lead creation and customer service purposes. This includes e-mail marketing, which regulates the dispatch of newsletters as well as automated mailings, social media publishing, reporting, contact management, such as user segmentation and CRM, landing pages and contact forms. HubSpot uses cookies. Cookies are small text files that are locally stored on your end device and are used to analyse your visit on our website. HubSpot analyses the collected information (e.g. IP address, location, browser type, duration of the website visit) on our behalf so we can generate reports about website visits. Information collected by HubSpot as well as contents from our websites are stored on servers belonging to HubSpot’s service providers. In case you gave your consent pursuant to Art. 6 para. 1 s.1 lit GDPR data on this website is processed for the purpose of website analysis.

HubSpot is certificated for the compliance with the EU-U.S. Privacy-Shield as well as the Swiss-U.S. Privacy Shield. For further information please go to “Privacy Shield List” on the Website of the U.S. Department of Commerce, available at www.privacyshield.gov/welcome. You can permanently object the setting of cookies by ceasing your browser settings. You can object the processing of your personal data at any time with effect for the future by sending an e-mail to digital@ommax.de

More information on HubSpot's privacy policy can be found here: legal.hubspot.com/privacy-policy

§ 15 Google Maps

Our homepage uses the online map service provider Google Maps via an interface. The map service provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. To use the functionalities of Google Maps it is necessary to save your IP address. This information is transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission. The use of the Google Maps map service is in the interest of an appealing presentation of our online offer and to make it easier to find the addresses we have listed on the website. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO.

For more information on how we treat user data, please see Google's privacy policy: https://www.google.de/intl/de/policies/privacy/

Opt-out: adssettings.google.com/

§ 16 Cookies

Our website uses cookies, which are stored by the browser on your device and which contain certain settings for the use of the website (e.g. for the current session). Cookies serve to make our website more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser. Most of the cookies we use are so-called session cookies, which are automatically deleted after closing the browser. Other cookies remain stored on your end device until you delete them or the storage period expires. These cookies enable us to recognize your browser the next time you visit our website.

In some cases, cookies are used to simplify website processes by saving settings (e.g. the provision of already selected options). If personal data is also processed by individual cookies implemented by us, the processing is carried out in accordance with Art. 6 para. 1 lit. b GDPR either for the execution of the contract or in accordance with Art. 6 para. 1 lit. f GDPR to safeguard our legitimate interests in the best possible functionality of the website and a customer-friendly and effective design of the page visit.

You can configure your browser in such a way that you are informed about the settings of cookies and only allow cookies in individual cases, excluding the acceptance of cookies for certain cases or in general deactivating cookies and  activating the automatic deletion of cookies when closing the browser. The cookie settings can be managed using the following links for the respective browser.

Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen

Internet Explorer: support.microsoft.com/en-GB/windows/delete-and-manage-cookies-168dab11-0753-043d-7c16-ede5947fc64d

Chrome: support.google.com/chrome/answer/95647

Safari: apple.com/legal/privacy/en-ww/cookies/

Opera: help.opera.com/en/latest/web-preferences/#cookies

You can also individually manage the cookies of many companies and features used for advertising. Use the corresponding user tools, available at: optout.aboutads.info or youronlinechoices.com/uk/your-ad-choices

Most browsers also offer a so-called "Do-Not-Track function" with which you can specify that you do not want to be "tracked" by websites. When this feature is enabled, your browser tells advertising networks, websites and applications that you do not want to be tracked for behavior-based advertising. Information and instructions on how to edit this function are available from the links below, depending on the provider of your browser:

Google Chrome: https://support.google.com/chrome/answer/2790761?co=GENIE.Platform%3DDesktop&hl=en

Mozilla Firefox: support.mozilla.org/en-US/kb/how-do-i-turn-do-not-track-feature

Internet Explorer: support.microsoft.com/en-GB/windows/use-do-not-track-in-internet-explorer-11-ad61fa73-d533-ce96-3f64-2aa3a332e792

Opera: https://help.opera.com/en/latest/security-and-privacy/#tracking

Safari: support.apple.com/

You can also prevent scripts from being loaded by default. NoScript allows you to run JavaScripts, Java and other plug-ins only on trusted domains of your choice. For information and instructions on how to edit this feature, contact your browser vendor (e.g. for Mozilla Firefox at: https://addons.mozilla.org/de/firefox/addon/noscript/).

Please note that when cookies are deactivated, the functionality of this website may be limited.

 




 

§ 17 Data transfer and recipient

We do not sell your personal data to third parties. Your personal data will not be passed on to third parties unless

  • we have explicitly indicated this in the description of the respective data processing,
  • you have given your explicit consent in accordance to Art. 6 para. 1 sentence 1 lit. a GDPR,
  • the disclosure pursuant to Art. 6 para. 1 sentence 1 f GDPR is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an outright interest worthy of protection in not disclosing your data,
  • that a legal obligation exists for the transfer pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR and
  • this is required under Art. 6 para. 1 sentence 1 lit. b GDPR for the processing of contractual relationships with you.

We also use external service providers, which we have carefully selected and commissioned in writing, to carry out our services. They are bound by our instructions and are regularly checked by us. With which we have concluded order processing contracts in accordance with Art. 28 GDPR, if necessary. These are service providers for web hosting, sending e-mails and maintaining our IT systems, etc. The service providers will not pass this data on to third parties.

 

§ 18 Content Delivery Network

We use the CDN service "Nitropack". The provider is NitroPack Ltd, 3 Prof. Georgi Bradistilov, entr. A, 3rd floor, Sofia, Bulgaria (hereinafter "Nitropack").

Nitropack provides a globally distributed content delivery network with DNS. This technically routes the transfer of information between your browser and my website through Nitropack's network. A CDN is an online service that is used to deliver large media files (such as graphics, page content or scripts) through a network of regionally distributed servers connected via the Internet. The use of Nitropack's Content Delivery Network helps to optimise the loading times of our website.

The use of Nitropack is based on our legitimate interest in providing our website as error-free, secure and efficient as possible and improving the stability and functionality of our website (Art. 6 para. 1 lit. f DSGVO).

You can find more information about security and data protection at Nitropack here:

https://nitropack.io/page/privacy

§ 19 Duration of data storage

We adhere to the principles of data avoidance and data minimization. Accordingly, we will only store your personal data for as long as necessary to achieve the purposes stated here or in accordance with the various storage periods prescribed by law. Once the targets have been met or these deadlines have expired, the relevant data is routinely blocked or deleted in accordance with legal requirements.

§ 20 Rights of the persons concerned

In the following section you will find information on the rights of persons concerned which are granted to you by the current data protection laws with regard to the entity responsible of the processing of your personal data:

The right to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you may request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of a right of complaint, the origin of your data, if these have not been collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information regarding their details.

The right to immediately request the correction of incorrect or complete personal data stored by us in accordance with Art. 16 GDPR.

The right to request the deletion of your personal data stored by us in accordance with Art. 17 GDPR, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.

The right, pursuant to Art. 18 GDPR, to demand the restriction of the processing of your personal data if the accuracy of the data is disputed by you, the processing is unlawful, but you refuse to have it deleted and we no longer need the data, but you need it to assert, exercise or defend legal claims or you have filed an objection against the processing pursuant to Art. 21 GDPR.

The right, in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, current and machine-readable format or to request its transfer to another person responsible.

The right to revoke your consent granted pursuant to Art. 7 para. 3 GDPR at any time with effect in the future.

The right to complain to a supervisory authority pursuant to Art. 77 GDPR. As a rule, you can contact the supervisory authority of the federal state in which we have our registered office or, if applicable, that of your usual place of residence or work.

The right to revoke consent granted pursuant to Art. 7 para. 3 GDPR: You have the right to revoke consent to the processing of data once granted at any time with effect for the future. In the event of revocation, we will delete the data concerned without delay, unless further processing can be based on a legal basis for processing without consent. The revocation of consent shall not affect the legality of the processing carried out on the basis of the consent until revocation;

Right of objection

If your personal data is processed by us on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, insofar as this is for reasons arising from your particular situation. If the objection is directed against the processing of personal data for the purpose of direct marketing, you have a general right of objection without the requirement to indicate a special situation.

If you wish to exercise your right of revocation or opposition or any of your other rights, simply send an e-mail to info@ommax.de with the subject "Data protection OMMAX websites". If necessary, you must provide proof of your identity or that it is your account.

§ 21 Subject to alterations

OMMAX reserves the right to change this Privacy Policy at any time in accordance with the law. If we make significant changes, we will notify you by posting a notice on this website before the change takes effect. We ask you to check this page regularly for current information on our data protection practices.

§ 22 Disclaimer

We may also share your personal information under the following circumstances:

to the extent required by law for the purpose of subsequent performance of an information request or comparable legal action

  • if we believe in good faith that disclosure is necessary to protect our rights, your safety or the safety of third parties, to investigate fraud or in response to an official request
  • if OMMAX is involved in a merger, acquisition or disposal of all or part of its assets, we will notify you by e-mail and/or by posting a prominent notice on our website of changes in ownership or use of your personal information and choices regarding your personal information.
  • to third parties with your prior consent.

Status of this data protection declaration: 23.05.2019